Date: Wed, 26 Aug 2009 22:59:34 -0400 From: APseudoUtopia <apseudoutopia@gmail.com> To: freebsd-questions@freebsd.org Subject: Information on Setting up a Jailed Webserver Message-ID: <27ade5280908261959q39aeab15ta300048b861a50f7@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello, I have a small site which runs PostgreSQL, Nginx, and PHP. I'm looking into running nginx inside a jailed host on my server for security reasons (eg, if there is a hole in a php script). The website root is actually a working copy of my subversion repository. I have svnserve running through OpenVPN. My plan would be to have svnserve and OpenVPN running on the "main" system, and nginx/php running inside a jail. I was wondering if it would be somehow possible to run a command on the main system that updates the svn working copy inside the jail for nginx to serve. Would I need to do the "svn up" over tcp/ip from the jail to the main system? Or can I somehow update it via file://path/to/main/repo? I've never used or setup a jail before, so how everything works is a bit confusing to me. Right now, I use an svn post-commit hook to update the www working copy. Also, how memory-intensive is a jail? I'm willing to run postgresql in another jail as well if it wouldn't be too memory-intensive. And possibly even an IRC server. I'm running FreeBSD 7.2-RELEASE-p3. Thank you for the suggestions, advise, and criticisms.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?27ade5280908261959q39aeab15ta300048b861a50f7>