Thursday, June 15, 2023

Oracle Free Tier VPN with Debian 12

I successfully installed Debian 12 on an Oracle Free Tier VPN with 4 CPU, 24GB memory, and 50 storage. 

Debian is not one of the images available, so I started off with Canonical Ubuntu 22.04 Minimal aarch64 for the image and VM.Standard.A1.Flex for the shape. I used PuttyGen to generate public and private keys and pasted the public key into the Oracle Create Compute Instance screen. After the instance was up and running I connected to the server using Putty with the private key attached.

After connecting, getting the GUI installed was my first priority.  I made a mistake in the installation with the lightdm desktop manager and was unable to connect with Windows Remote Desktop.  I made several attempts to fix the error to no avail.  

Oracle does not give the option to reinstall the OS to an existing instance for Free Tier customers. The only official option available was to destroy the instance and create a new one.  This is not an attractive option because available shapes are limited.  After trying to find a workaround I found a git that provided a script to reinstall a minimal Debian 10,11, or 12 remotely on a VPN.

I was skeptical but had nothing to lose.  To my pleasant surprise, the reinstallation was fast and flawless.  The script provides a fresh Debian 12 install with a user named debian.  I rebooted the server and logged back in with putty.  Since the ssh public key was destroyed after reinstallation, I logged in with password credentials and manually added the public key as follows:

Create a text file with the public ssh keys in the user's root directory:
$ sudo mkdir ~/.ssh/  
$ sudo nano ~/.ssh/authorized_keys Copy and paste the public key in the above file, save, and exit.
$ sudo reboot

With that task accomplished I was off to the races.

Here are the steps I followed to create a GUI XRDP environment:

$ sudo apt update && sudo apt upgrade

$ sudo apt install whiptail

$ sudo apt install accountsservice

$ sudo apt install lightdm

$ sudo dpkg-reconfigure lightdm

$ sudo apt install xfce4

$ sudo apt install xrdp
After a reboot, I was able to access the server with Windows Remote Desktop. 

If I've learned anything it's that I need to take periodic snapshots in case I incur another unrecoverable error.  The best software I found to accomplish this task is called Timeshift.
$ sudo apt install timeshift
After installation, the GUI version of Timeshift is available in the menu.  The first couple of times I used timeshift on an Oracle cloud VPN, I destroyed to bootloader and was forced to create new instances.  The problem is, Timeshift tries to overwrite Oracle's BlockVolume drive rendering the instance unusable and unrecoverable.  

When restoring a snapshot, make sure /boot and /boot/efi are both set to "Keep on Root Device" using the drop-down menu (by default, the program selects sda1 to restore grub2 which is incorrect) AND also click Bootloader Options (Advanced) and change the option for (re)install Grub2 on: to sda2.

Timeshift doesn't provide a way to change restoration defaults.  Timeshift's website says the program was designed for grub2 bootloader-type systems.  The risk of getting this wrong is pretty nerve-racking.  A better option for VPN on Oracle Cloud may be BackInTime, a snapshot utility that gives more control over the backup and restoration process.