Components
- OCI network — Compartment, VCN (10.0.0.0/16), Internet Gateway, and a Security List that allows only your home IP on SSH (22) and the broker port (8002); egress open.
- Compute — an OCI instance (Always-Free target) for the broker.
- Ansible — ansible/install.yml installs Docker + the broker.
- CI — .gitlab-ci.yml + scripts/deploy.sh automate provisioning.
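One way to check the Security List's IP lock in CI before an apply, as an added example (not code from this project). The function name audit_ingress, the home address 203.0.113.10/32 and the sample rules are constructed for illustration, and the rule shape is assumed to match ingress_security_rules of the OCI provider's oci_core_security_list as rendered by terraform show -json.

```python
import ipaddress

ALLOWED_TCP_PORTS = {22, 8002}  # SSH and the broker port, per the component list


def audit_ingress(rules, home_cidr):
    """Return a list of findings; an empty list means ingress is IP-locked as described."""
    home = ipaddress.ip_network(home_cidr)
    findings = []
    for i, rule in enumerate(rules):
        label = f"rule[{i}]"
        try:
            source = ipaddress.ip_network(rule.get("source", ""), strict=False)
        except ValueError:
            findings.append(f"{label}: source {rule.get('source')!r} is not a CIDR")
            continue
        if source != home:
            findings.append(f"{label}: source {source} is not the home address {home}")
        if rule.get("protocol") != "6":  # "6" is TCP; "all" would open every protocol
            findings.append(f"{label}: protocol {rule.get('protocol')!r} is not TCP")
            continue
        opts = rule.get("tcp_options") or []
        if not opts:
            findings.append(f"{label}: no tcp_options, so every TCP port is open")
            continue
        lo, hi = opts[0]["min"], opts[0]["max"]
        if set(range(lo, hi + 1)) - ALLOWED_TCP_PORTS:
            findings.append(f"{label}: ports {lo}-{hi} go beyond 22 and 8002")
    return findings


# Constructed sample rules (assumed shape, see lead-in); the last two are deliberate violations.
SAMPLE_RULES = [
    {"protocol": "6", "source": "203.0.113.10/32", "tcp_options": [{"min": 22, "max": 22}]},
    {"protocol": "6", "source": "203.0.113.10/32", "tcp_options": [{"min": 8002, "max": 8002}]},
    {"protocol": "6", "source": "0.0.0.0/0", "tcp_options": [{"min": 8002, "max": 8002}]},
    {"protocol": "all", "source": "203.0.113.10/32", "tcp_options": []},
]

if __name__ == "__main__":
    for finding in audit_ingress(SAMPLE_RULES, "203.0.113.10/32"):
        print("FAIL", finding)
```

A non-empty result can fail the pipeline job, so a rule widened to 0.0.0.0/0 or to all protocols is caught before it reaches the instance.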
Stack
Terraform (OCI provider) · Ansible · OCI VCN / Compute / Security Lists · GitLab CI · Docker.
Relationship to gcp-mcp-standalone
Same goal, different cloud and a simpler security model: here SSH/8002 are allowed inbound but IP-locked to your home address, whereas gcp-mcp-standalone/README opens zero inbound ports and uses Tailscale + a Cloudflare Tunnel instead.
Source
~/Terraform/oracle-mcp-infrastructure/. Architecture: oracle-mcp-infrastructure/HLD.
wiki/projects/oracle-mcp-infrastructure/README.md · git is the source of truth