Date: Sun, 16 Mar 2014 12:23:45 -0400 From: "Littlefield, Tyler" <tyler@tysdomain.com> To: freebsd-questions@freebsd.org Subject: configuring base server system: lots of questions Message-ID: <5325D011.8060807@tysdomain.com>
next in thread | raw e-mail | index | archive | help
hello: I am pressed on cash, but wanted to switch from Linode (Linux) to BSD. I had a few reasons, mainly that i like BSD quite a lot. I found the soyoustart servers and at least right now for my needs, it's working good. I am in the process of switching everything over--I'll do an install and will end up just wiping everything out and rebuilding this all later when I know exactly what I want to do, so I have a few questions: 1) I've seen a lot of discussion on ZFS. This server comes with 2 2tb drives on raid, so I assume it's a mirror. Would ZFS be useful in this case, or should I stick to UFS? I want to do a lot of work with jails: jail each individual service. Is this viable? I've also tightened up the kernel a bit and installed a pretty basic firewall. Are there other security concerns I need to worry about? What is the general checklist? 2) When accessing jails, I have a game I am developing that I want to host on this server. There are a few of us that will have access to the running copy--should they just sudo ezjail-admin console game, or is there a more secure method to allow individual users access? 3) I have 95 some odd updates with portmaster over the last two weeks. Is it viable somehow to just apply security patches? Is there a way to do that, until I have the time to sit down and apply all these updates individually? 4) My CFLAGS in make.conf looks like this: CFLAGS+=-O2 -march=native -s is this recommended? If not, what would be a better setup? Usually -O2 is a good level since -O3 tends (from what I've heard) to create a lot of cache misses. I wanted it to tune to my processor and strip. I was also looking at using -flto and -flto=8 (Is there a LDFLAGS), but I again wasn't sure if this was recommended. 5) Any other tips/advice would be awesome. I'll be deploying NGinx, php (fastcgi/other ideas), mysql and postfix to start with--possibly with amavis-new for spamassassin and clamav. Thanks in advance for the help, -- Take care, Ty http://tds-solutions.net He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5325D011.8060807>