
oracle-mcp-infrastructure — High-Level Design

Host the Firney MCP broker on an OCI Always-Free instance — same goal as [[gcp-mcp-standalone/HLD]], a different cloud, and an IP-allowlist security model.

type hld · status active · oci · mcp · architecture

Architecture

flowchart LR
  DEV["You (home IP)"] -- "SSH 22 / 8002 (IP-locked)" --> SL{{"Security List"}}
  subgraph OCI["OCI · Always-Free"]
    SL --> VM["Compute instance"]
    VM --> BRK["Firney broker :8002 (Docker)"]
  end
  ANS["Ansible install.yml"] -. configures .-> VM
  CI["GitLab CI · deploy.sh"] -. provisions .-> OCI

Components

Compartment · VCN 10.0.0.0/16 + Internet Gateway · Security List (SSH/8002 from home IP only, egress all) · Compute instance · Ansible (Docker + broker) · GitLab CI.

Decisions

  • IP-allowlist inbound (home IP → 22/8002) instead of the zero-port + Tailscale + tunnel model used on GCP — simpler to stand up, but ties access to a fixed IP and exposes ports (narrowly).
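
One way to check that a deployed Security List still matches this decision, added here as an example and not taken from the project's own code. It assumes the ingress rules are available as parsed JSON with the kebab-case keys the OCI CLI prints (`source`, `protocol`, `tcp-options`); the home IP and the sample rules are constructed.

```python
import ipaddress

ALLOWED_PORTS = {22, 8002}  # SSH and the broker port, per the design above

def audit_ingress(rules, home_ip):
    """Return findings for ingress rules that are wider than the allowlist model."""
    home = ipaddress.ip_network(home_ip)  # a bare address becomes a /32 (or /128)
    findings = []
    for i, rule in enumerate(rules):
        src = rule.get("source", "")
        try:
            net = ipaddress.ip_network(src, strict=False)
        except ValueError:
            findings.append(f"rule {i}: source {src!r} is not a CIDR block")
            continue
        if net != home:
            findings.append(f"rule {i}: source {src} is not the home IP")
        if rule.get("protocol") != "6":  # "6" is TCP; "all" and others are wider
            findings.append(f"rule {i}: protocol {rule.get('protocol')!r} is not TCP")
            continue
        rng = (rule.get("tcp-options") or {}).get("destination-port-range")
        if not rng:  # TCP rule without a port range means every port is open
            findings.append(f"rule {i}: no destination port range, all TCP ports open")
            continue
        extra = set(range(rng["min"], rng["max"] + 1)) - ALLOWED_PORTS
        if extra:
            findings.append(
                f"rule {i}: opens ports outside 22/8002 ({min(extra)}-{max(extra)})")
    return findings

def _tcp(source, lo, hi):
    """Build one constructed TCP ingress rule in the assumed JSON shape."""
    return {"protocol": "6", "source": source,
            "tcp-options": {"destination-port-range": {"min": lo, "max": hi}}}

HOME_IP = "203.0.113.7"  # constructed (documentation range), stands in for the home IP
SAMPLE_RULES = [         # constructed sample, not real project configuration
    _tcp("203.0.113.7/32", 22, 22),      # intended: SSH from home
    _tcp("203.0.113.7/32", 8002, 8002),  # intended: broker from home
    _tcp("0.0.0.0/0", 22, 22),           # drift: SSH open to the internet
    _tcp("203.0.113.7/32", 8000, 8100),  # drift: port range wider than 8002
    {"protocol": "all", "source": "203.0.113.7/32"},  # drift: every protocol
]

if __name__ == "__main__":
    for finding in audit_ingress(SAMPLE_RULES, HOME_IP):
        print(finding)
```

Run against the live rules in CI, a non-empty result is a signal that the list has drifted from the two intended entries or that the home IP has changed.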
Compiled from wiki/projects/oracle-mcp-infrastructure/HLD.md · git is the source of truth