Scott McEachern wrote:
... I ended up doing this:
- one OpenBSD box, with multiple IP address aliases
- one OpenBSD firewall, which rdr's external IPs to the appropriate
webserver IP
- 5 chrooted OpenBSD default (1.3.29) Apache's (at this time, I have no
need for Apache 2, but hey, it's in ports.)
- 5 custom httpd.conf files for each
- 5 custom php.ini files for each (plus other related config file friends)
- 5 different httpd daemons for each (httpd0-4), just in case
- virtual aliases with Apache is not a solution because the sites use
https/ssl
- all the sites have all the php-*, pear-*, mod_* stuff at their disposal
I have the same setup running. Each apache instance runs chrooted under
their own user id and home directory.
The setup I had before that was more interesting as it only needed one
IP. A main httpd instance was setup to do proxy for the individual
httpd instances of each site. The main instance ran on port 80 with the
real IP. The site instances ran on localhost with each their own port
number and weren't accessible from outside of the machine. Logging, SSL
and maintenance is a pain though.