# Multiple domains



## gpatrick (Jun 7, 2010)

This is really just a question about what may be the best way to setup a couple of websites that will be accepting payments from Paypal.

I will have two domains and am behind NAT so I'll need a non-authoritative nameserver.  I will also be having mail for each domain.  Likely also a MySQL server.

I'll be using Apache and CGI, Bind, MySQL, and mail will likely be OpenSMTPD (maybe Postfix).

My thoughts are:
1) One OpenBSD server which will do httpd, mail, DNS, MySQL.
2) FreeBSD with one jail for Apache with virtual domains, a jail for mail, a jail for MySQL, and a jail for Bind.
3) FreeBSD like option 2, but each domain would have its own httpd jail.
4) FreeBSD like option 3, but each domain would have an individual jail for MX in addition to a jail for each httpd.

I don't want anything complex and will have an OpenBSD pf firewall in front.  Opinions and thoughts on the three options, or other alternatives.


----------



## jailed (Jun 10, 2010)

Hello,

2) That's the way I go.
3) You can separate websites with permissions and modules with one Apache server. But if you're paranoid you can go with separate httpd servers.
4) I think separate mail servers are unnecessary. If it's about load you can use more than one server. But you are talking about jails on the same server. So I think it's more about security, not about load. Two copy of the same server doesn't mean secure for me. If you have other reasons, I don't know.

Managing too many systems (server/jail) always take time. I think less server is better and I go with 2 if you have not got any reason for that.

You can use a http or mail proxy like Nginx.

We use ipfw/freebsd for firewall and it's good.


----------



## vivek (Jun 13, 2010)

If you are open to option, try lighttpd, it got chroot support. No need to setup jail.


----------



## gpatrick (Jun 13, 2010)

I'm always willing to try something else.  Thanks for the suggestion.


----------

