Earlier in 2025, I signed up for Oracle’s “Free Forever” cloud offer. It was, and still is, one of the most generous free tiers available, especially for developers and hobbyists. I wrote a post to document my setup, and today I’m updating it with a more modern, simpler stack and more tips for anyone starting out.
The goal remains the same: to combine all the “Always Free” resources into a single, powerful virtual private server (VPS) that you can use for your projects without ever paying a dime. This guide is my personal reference for setting it up again, and I hope it helps you too.
What You Actually Get: The “Always Free” Powerhouse
First, let’s be clear about how generous this offer is. When you consolidate the main resources for a single server, this is what you get, for free, forever:
| Component / Purpose | “Always Free” Allocation | How It Benefits Your Server |
| Server CPU & RAM | 4 ARM OCPUs & 24 GB RAM | This is the core of your machine. It’s powerful enough to run multiple apps, a game server, or a complex web service. |
| Primary Storage | 200 GB Block Storage | Your server’s “hard drive.” Plenty of space for the OS, software, and your project files. |
| Web Server | Caddy (Self-Installed) | A modern, simple web server with automatic HTTPS from Let’s Encrypt. No more manual SSL setup! |
| Database | 2 Autonomous Databases | You get two dedicated, fully-managed Oracle databases. Offloading your database work to these frees up your server’s CPU and RAM. |
| Networking | 1 Load Balancer & 10 TB/month Data Transfer | A stable public entry point for your services and a massive amount of free bandwidth. |
Let’s build it.
Step 1: Sign Up and Create the Instance
- Sign Up for the Offer: Go to the Oracle Cloud Free Tier page and sign up. You will need a credit card for verification, but you won’t be charged as long as you only use “Always Free” eligible resources.
- Select Your Home Region: Choose your region carefully. All your “Always Free” resources must be in this single region.
- Create a VM Instance: From the OCI console dashboard, click “Create a VM instance”
- Configure the Instance:
- Name: Give your server a name, like vps-main.
- Placement: Leave as is.
- Image and Shape: This is the most important part.
- Click “Edit“.Click “Change Image” and select Ubuntu (the latest LTS version is a great choice).Click “Change Shape“. Select “Ampere” under “Shape series” and choose the VM.Standard.A1.Flex shape.Drag the OCPU slider to 4 and the Memory slider to 24. This uses up your entire free ARM allocation for maximum power.Click “Select shape“.
- Create! Click “Create” at the bottom. It will take a minute or two to provision. Once it’s “Running” (green), note down its Public IP Address.
Step 2: Connect to Your Server via SSH
You’ll use an SSH client to connect. If you’re on Windows, you can use PowerShell or WSL. On macOS or Linux, use your terminal.
- Move the private key you downloaded (ssh-key-….key) to a secure location, like ~/.ssh/.
- Set the correct permissions for the key. This is a mandatory security step.
# Replace the path with the actual path to your key chmod 400 /path/to/your/private-key.key
- Connect to the server using the ubuntu user and your server’s public IP.Generated bash
# Replace the IP and key path ssh -i /path/to/your/private-key.key [email protected]
Type yes when prompted to trust the host. You are now logged into your new server!
Step 3: Essential Server Security (The Two Firewalls)
Before installing anything, we need to open up ports for web traffic. In OCI, there are two firewalls you need to configure:
- The Cloud Firewall (OCI Security List): This is at the network level.
- The Server Firewall (UFW): This runs on your Ubuntu server itself.
3.1 Configure the OCI Security List
- In your OCI Console, navigate to your instance’s details page.
- Click on the link to your Virtual Cloud Network (VCN).
- On the left, click “Security Lists” and then click the default security list.
- Click “Add Ingress Rules”.
- Add a rule to allow all HTTP/HTTPS traffic. This is crucial for Caddy to work.
- Source CIDR: 0.0.0.0/0 (This means “from any IP address”)
- IP Protocol: TCP
- Destination Port Range: 80,443
- Description: Allow web traffic
- Click “Add Ingress Rules” to save.
3.2 Configure the Server Firewall (UFW)
Now, on the server itself (in your SSH session), we’ll configure ufw (Uncomplicated Firewall).
# Update your server's package list sudo apt update && sudo apt upgrade -y # Allow SSH connections (so you don't lock yourself out!) sudo ufw allow ssh # Allow HTTP and HTTPS traffic sudo ufw allow http sudo ufw allow https # Enable the firewall sudo ufw enable
Press y to proceed. Your server is now secured, but allows web traffic through both firewalls.
Step 4: Install Caddy Web Server (with Automatic HTTPS)
This is where we replace NGINX and Certbot with a much simpler solution. Caddy is a modern web server that automatically provisions and renews free SSL certificates from Let’s Encrypt.
- Install Caddy: We’ll add Caddy’s official repository to ensure we get updates. Run these commands one by one:
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list sudo apt update sudo apt install caddy
Configure Caddy: Caddy is configured with a simple file called Caddyfile. Let’s create a basic configuration that serves a test message.
- Open the Caddyfile with a text editor:
sudo nano /etc/caddy/Caddyfile
- Delete all the default content and replace it with this:
your-domain.com {
respond "Hello from my new Oracle server!"
}
- Important: Replace your-domain.com with the actual domain name you will point to this server.
- Save the file and exit (Ctrl+X, then Y, then Enter).
- Reload Caddy: To apply the new configuration, run:
sudo systemctl reload caddy
Step 5: Configure Your DNS
Now, point your domain name to the server’s IP address.
- Go to your domain registrar (Namecheap, GoDaddy, Cloudflare, etc.).
- Find the DNS management section for your domain.
- Create an “A” record:
- Host/Name: @ (for the root domain your-domain.com) or www (for www.your-domain.com).
- Value/Points to: Your server’s Public IP Address.
- TTL (Time to Live): Set to the lowest possible value or leave it as default.
- Save the record. DNS changes can take anywhere from a few minutes to a few hours to propagate.
Step 6: Final Verification
Once your DNS has updated, open a web browser and navigate to https://your-domain.com.
You should see your message: “Hello from my new Oracle server!” and, more importantly, a padlock icon in the address bar. Caddy has automatically handled the entire HTTPS process for you!
What’s Next? Ideas for Your New Server
You now have a powerful, secure, and free ARM server. Because this is an ARM-based machine (like a Raspberry Pi on steroids), you’ll want to use software that is compatible. Here are some great ideas:
- Host a Website or Web App: Caddy can easily run a static site (file_server) or act as a reverse proxy for applications written in Node.js, Python, Go, or PHP. All of these have excellent ARM support.
- Run Docker: Install Docker (sudo apt install docker.io) and manage multiple applications in containers. Just remember to use Docker images built for the linux/arm64 architecture. Many official images on Docker Hub are multi-arch and will work seamlessly.
- Host a Minecraft Server: The standard Java version of the Minecraft server runs perfectly on ARM. Just install a Java runtime (sudo apt install default-jre) and you’re good to go.
- Media Server: Set up Plex or Jellyfin. Both have official, native builds for ARM64 that work great.
- Connect to the Autonomous Database: Install your application stack on the server and use the free Oracle database as your backend for amazing performance, freeing up your server’s resources.
Crucial Final Tip: Oracle may reclaim “idle” Always Free instances. An instance is idle if it has very low CPU, memory, or network usage for 7 days. The easiest way to prevent this is to run a small, persistent process or a cron job that performs a simple task regularly. Running a web server that gets occasional traffic is usually sufficient.
Enjoy your free forever server
