I decided to take another crack at the jail configuration I started in
Experiment 1. After reading bits and
pieces of a few random websites (including various ServerFault posts), on an
inkling I added the line
interface = "bge0"; to my
/etc/jail.conf file and
service jail restart www (
bge0 is my LAN interface on the host). After
jexecing in, I tried
pkg install nginx again and it worked like a charm!
I also noticed that when I run
ifconfig on my host now, both the original
10.0.2.201 and the jail’s 10.0.2.202 addresses had been added to the
interface. I wondered whether that meant that I could now SSH into the host
using the jail’s IP address. So on my laptop, I ran
ssh email@example.com and lo
and behold, it worked. The opposite, however, is not true: loading
http://10.0.2.201 in a web browser does not give me the beautiful “welcome to
nginx” page that http://10.0.2.202 has.
I’m sure some trickier stuff will arise when dealing with NAT and multiple interfaces, but for now I’m satisfied that I have a basic understanding of how to set up a service in a jail and expose it to the network.