In order to secure my installation, I decided to create different virtual hosts using LXC.
- pride
- physical host and firewall
- lust
- DNS Server using PowerDNS
- wrath
- Web frontend using Nginx, serves static content
- gluttony
- Web server serving dynamic content using Apache and PHP
- greed
- Distributed Versionning Control System using Mercurial
- sloth
- Game related applications
- despair
- Database server using MySQL
- envy
- Voice over IP using Teamspeak 2 & 3 and Mumble
- dante
- SMTP Server using Postfix
- deploy
- Deployment scripts and applications
Each container is part of a virtual private LAN. Only pride has an external IP. Every request are NATted to the corresponding host.