Re: Web Hosting - IPs, Quotas and Jails

• Previous message: Miroslav Lachman: "Re: SATA software RAID-inkernel vs hardware"
• In reply to: Troy Settle: "Web Hosting - IPs, Quotas and Jails"
• Next in thread: Mark Bucciarelli: "Re: Web Hosting - IPs, Quotas and Jails"
• Reply: Mark Bucciarelli: "Re: Web Hosting - IPs, Quotas and Jails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 26 Oct 2005 21:36:20 +0100
To: Troy Settle <troy@psknet.com>

On Mon, Oct 24, 2005 at 11:56:22AM -0400, Troy Settle wrote:
> Anyways, here's where I need some help. I want to create a 3rd jail for
> Frontpage services. FP doesn't have any built in quota support that
> I've seen, so I'll need to depend on file system quotas.

CGIs can write files too, so if you allow users to upload their own CGIs
you'll have the same problem.

The alternative solution is to 'du' the disk space usage periodically (e.g.
nightly), and users who are overquota can be contacted and warned or their
site suspended, depending on how draconian you wish to be.

You'll probably need a similar mechanism in any case for dealing with users
who consume excessive amounts of bandwidth.

> Finally, I want to be able to offer advanced web services that will
> allow the customer to have SSL certificates, operate virtual FTP
> servers, etc... This requires that I have one IP per server, which
> means one jail per server. Jails are fun, but somehow, I don't think 50
> jails would be fun.

I believe you can use the same jail directory structure bound to different
IPs; just run 'jail' multiple times. You'll just need to take care if
running the same daemon multiple times; each instance will need to be told
to write to a different pid file, and will need a different config file
(otherwise there wouldn't be any point having multiple instances)

Regards,

Brian.
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

• Previous message: Miroslav Lachman: "Re: SATA software RAID-inkernel vs hardware"
• In reply to: Troy Settle: "Web Hosting - IPs, Quotas and Jails"
• Next in thread: Mark Bucciarelli: "Re: Web Hosting - IPs, Quotas and Jails"
• Reply: Mark Bucciarelli: "Re: Web Hosting - IPs, Quotas and Jails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages RE: Future development of Jail (was Re: corporate backers of freebsd) ... apparently never run the Microsot authentication server. ... have your answer as to why jail is a dead-end. ... Actually, somebody was paying the jail developer, and then ... FreeBSD server in a commercial corporate network over 13 years ago. ... (freebsd-questions) Re: Spam Problem ... I'm lost on this jail stuff. ... Configuring a jail is pleasantly simple. ... To relay any domains - that is to let them use your server - you ... And the latest sendmail is picky and rejects things by default ... (comp.unix.bsd.freebsd.misc) apache in "strange" jail getting permissions errors ... I create a master jail that I do not "boot". ... What I want to do is use my Solaris 10 server with 1.7TB ZFS file system exported through NFS as the root for each jail, with the same nullfs mounts as used above in the mdversion. ... So what I did is set up a local directory on the FBSD system with the normal / directories as I do above in the mdway of doing things and left a local directory for the apache stuff. ... The exact same apache config file when using the mdbacked space with all the same files and permissions, ... (freebsd-questions) Re: hiding system directories ... of my server. ... sound technical reasons for it, but the main reason seems to be ... within that jail. ... over HTTPS to provide read/write access to a secured directory and not ... (comp.os.linux.security) Re: Make a jail visible in different networks ... I need to have my jail serving in both LAN and VPN networks. ... static routes between your 10.5.1/24 subnet and your 192.168.1/24 subnet, or setting up additional VPN endpoint on the 192.168.1/24 network, or using NAT to map the jail IP onto the 10.5.1/24 netblock. ... 192.168.1.1 xl0 is linked to other remote server through tun0 with openvpn. ... As I said before, I'm also running mpd4 listening on ng0, and a jail with samba services on 192.168.1.10 xl0 alias. ... (freebsd-questions)