I have read around the forum for a bit and have a general idea of a decent structure for a server, let's use my own use case as an example.
Static Site Jail: Nginx Reverse Proxy deploying mydomain.com, otherdomain.com.
Git repository jail: Nginx + Cgit/other git implementation.
File upload jail: Nginx + bespoke file storage system.
Host system: HAProxy + Cloudflared(or maybe I misunderstood wrong, they seem like they'd conflict).
As far as I can see, that is the right idea but then that leaves the question of how do I set up the host? if I pretend each jail is its own little system, I can manage it. Now getting the host to tie it all together is where I am just kind of lost. I have read HAProxy's man page which ironically made me even more confused.
Anyone able to point me to more concrete examples, or provide some very short pseudo config to explain how to tie it all together.
Getting hammered from random IP's in China, Ukraine and USA on my current VPS setup (using Ubuntu) makes me wary of doing this wrong as I move my random assortment of services to FreeBSD, as so far I have had no issues with Cloudflare's various protections but I'm not sure how useful that is when everything is running on one machine with no sandboxing.
Static Site Jail: Nginx Reverse Proxy deploying mydomain.com, otherdomain.com.
Git repository jail: Nginx + Cgit/other git implementation.
File upload jail: Nginx + bespoke file storage system.
Host system: HAProxy + Cloudflared(or maybe I misunderstood wrong, they seem like they'd conflict).
As far as I can see, that is the right idea but then that leaves the question of how do I set up the host? if I pretend each jail is its own little system, I can manage it. Now getting the host to tie it all together is where I am just kind of lost. I have read HAProxy's man page which ironically made me even more confused.
Anyone able to point me to more concrete examples, or provide some very short pseudo config to explain how to tie it all together.
Getting hammered from random IP's in China, Ukraine and USA on my current VPS setup (using Ubuntu) makes me wary of doing this wrong as I move my random assortment of services to FreeBSD, as so far I have had no issues with Cloudflare's various protections but I'm not sure how useful that is when everything is running on one machine with no sandboxing.