From c1f3e5c5334a641a7f334b3735f20ad22a5f24cc Mon Sep 17 00:00:00 2001
From: geraldmarcos <gerald789654@gmail.com>
Date: Wed, 11 Feb 2026 19:00:18 -0500
Subject: [PATCH 1/2] Add OCI Linux template

---
 registry/coder/templates/oci-linux/README.md  |  32 +++++
 registry/coder/templates/oci-linux/main.tf    | 116 ++++++++++++++++++
 .../coder/templates/oci-linux/variables.tf    |  44 +++++++
 3 files changed, 192 insertions(+)
 create mode 100644 registry/coder/templates/oci-linux/README.md
 create mode 100644 registry/coder/templates/oci-linux/main.tf
 create mode 100644 registry/coder/templates/oci-linux/variables.tf

diff --git a/registry/coder/templates/oci-linux/README.md b/registry/coder/templates/oci-linux/README.md
new file mode 100644
index 000000000..c833c5fb7
--- /dev/null
+++ b/registry/coder/templates/oci-linux/README.md
@@ -0,0 +1,32 @@
+---
+display_name: Oracle Cloud Infrastructure (Linux)
+description: Provision OCI VMs as Coder workspaces
+icon: ../../../../.icons/oci.svg
+verified: false
+tags: [vm, linux, oci]
+---
+
+# Remote Development on Oracle Cloud Infrastructure (OCI)
+
+Provision OCI VMs as [Coder workspaces](https://coder.com/docs/workspaces) with this template.
+
+## Prerequisites
+
+### Oracle Cloud Infrastructure Account
+You need an active OCI account.
+
+### Required Variables
+To use this template, you must provide the following variables. These can be found in your OCI Console.
+
+1.  **tenancy_ocid**: The OCID of your tenancy. Found in **Governance & Administration** -> **Tenancy Details**.
+2.  **user_ocid**: The value of the specific user's OCID. Found in **Identity** -> **Users**.
+3.  **fingerprint**: Create an API key for the user (in **User Details** -> **API Keys**) and get the fingerprint.
+4.  **private_key_path**: The local path to the private key file corresponding to the public key you uploaded. This path must be accessible by the Coder server or provisioner.
+5.  **region**: Your OCI region (e.g., `us-ashburn-1`).
+6.  **compartment_ocid**: The OCID of the compartment where resources will be created.
+7.  **image_id**: The OCID of the Linux image (e.g., Ubuntu 22.04) you want to use.
+    *   Go to **Compute** -> **Platform Images** to find the generic image OCID for your region (e.g. `Canonical Ubuntu`).
+
+## Resources Created
+- VCN, Subnet, Internet Gateway, Route Table
+- OCI Compute Instance (default shape: VM.Standard.A1.Flex)
diff --git a/registry/coder/templates/oci-linux/main.tf b/registry/coder/templates/oci-linux/main.tf
new file mode 100644
index 000000000..e69f6b5ff
--- /dev/null
+++ b/registry/coder/templates/oci-linux/main.tf
@@ -0,0 +1,116 @@
+terraform {
+  required_providers {
+    coder = {
+      source = "coder/coder"
+    }
+    oci = {
+      source = "oracle/oci"
+    }
+  }
+}
+
+provider "oci" {
+  tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region
+}
+
+data "coder_workspace" "me" {}
+
+resource "coder_agent" "main" {
+  auth           = "token"
+  arch           = length(regexall("A1", var.instance_shape)) > 0 ? "arm64" : "amd64"
+  os             = "linux"
+  startup_script = <<EOT
+    #!/bin/bash
+    set -euo pipefail
+    # Install code-server
+    curl -fsSL https://code-server.dev/install.sh | sh
+    code-server --auth none --port 13337 >/dev/null 2>&1 &
+  EOT
+}
+
+resource "coder_app" "code-server" {
+  agent_id = coder_agent.main.id
+  slug     = "code-server"
+  display_name = "code-server"
+  url      = "http://localhost:13337/?folder=/home/coder"
+  icon     = "/icon/code.svg"
+  subdomain = false
+  share     = "owner"
+
+  healthcheck {
+    url       = "http://localhost:13337/healthz"
+    interval  = 5
+    threshold = 6
+  }
+}
+
+resource "oci_core_vcn" "main" {
+  cidr_block     = "10.0.0.0/16"
+  compartment_id = var.compartment_ocid
+  display_name   = "coder-vcn"
+}
+
+resource "oci_core_subnet" "main" {
+  cidr_block        = "10.0.1.0/24"
+  compartment_id    = var.compartment_ocid
+  vcn_id            = oci_core_vcn.main.id
+  display_name      = "coder-subnet"
+  route_table_id    = oci_core_route_table.main.id
+  security_list_ids = [oci_core_vcn.main.default_security_list_id]
+}
+
+resource "oci_core_internet_gateway" "main" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.main.id
+  display_name   = "coder-internet-gateway"
+}
+
+resource "oci_core_route_table" "main" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.main.id
+  display_name   = "coder-route-table"
+
+  route_rules {
+    destination       = "0.0.0.0/0"
+    destination_type  = "CIDR_BLOCK"
+    network_entity_id = oci_core_internet_gateway.main.id
+  }
+}
+
+data "oci_identity_availability_domains" "ads" {
+  compartment_id = var.tenancy_ocid
+}
+
+resource "oci_core_instance" "main" {
+  availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name
+  compartment_id      = var.compartment_ocid
+  display_name        = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"
+  shape               = var.instance_shape
+
+  dynamic "shape_config" {
+    for_each = length(regexall("Flex", var.instance_shape)) > 0 ? [1] : []
+    content {
+      memory_in_gbs = 6
+      ocpus         = 1
+    }
+  }
+
+  create_vnic_details {
+    subnet_id        = oci_core_subnet.main.id
+    assign_public_ip = true
+  }
+
+  source_details {
+    source_type = "image"
+    source_id   = var.image_id
+  }
+
+  metadata = {
+    ssh_authorized_keys = coder_agent.main.initial_runner_user_public_key
+    user_data           = base64encode(coder_agent.main.init_script) // Crucial requirement
+  }
+}
diff --git a/registry/coder/templates/oci-linux/variables.tf b/registry/coder/templates/oci-linux/variables.tf
new file mode 100644
index 000000000..1bde3fdb1
--- /dev/null
+++ b/registry/coder/templates/oci-linux/variables.tf
@@ -0,0 +1,44 @@
+variable "tenancy_ocid" {
+  description = "The OCID of your tenancy."
+  type        = string
+  sensitive   = true
+}
+
+variable "user_ocid" {
+  description = "The OCID of the user calling the API."
+  type        = string
+  sensitive   = true
+}
+
+variable "fingerprint" {
+  description = "The fingerprint for the API key."
+  type        = string
+  sensitive   = true
+}
+
+variable "private_key_path" {
+  description = "The path to the private key used for authentication."
+  type        = string
+  sensitive   = true
+}
+
+variable "region" {
+  description = "The OCI region (e.g. us-ashburn-1)."
+  type        = string
+}
+
+variable "compartment_ocid" {
+  description = "The OCID of the compartment to contain the resources."
+  type        = string
+  sensitive   = true
+}
+
+variable "instance_shape" {
+  description = "The shape of the instance."
+  default     = "VM.Standard.A1.Flex"
+}
+
+variable "image_id" {
+  description = "The OCID of an Ubuntu image (or other Linux) in your region."
+  type        = string
+}

From bfd1bfb865699a548a3d1a9578758365ed24f27c Mon Sep 17 00:00:00 2001
From: geraldmarcos <gerald789654@gmail.com>
Date: Wed, 11 Feb 2026 19:57:48 -0500
Subject: [PATCH 2/2] Fix: Tie instance lifecycle to workspace stop

---
 registry/coder/templates/oci-linux/main.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/registry/coder/templates/oci-linux/main.tf b/registry/coder/templates/oci-linux/main.tf
index e69f6b5ff..2d9fd39e7 100644
--- a/registry/coder/templates/oci-linux/main.tf
+++ b/registry/coder/templates/oci-linux/main.tf
@@ -86,6 +86,7 @@ data "oci_identity_availability_domains" "ads" {
 }
 
 resource "oci_core_instance" "main" {
+  count               = data.coder_workspace.me.start_count
   availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name
   compartment_id      = var.compartment_ocid
   display_name        = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"