I recently setup Nextloud 12 <a href="https://nextcloud.com/" rel="nofollow">https://nextcloud.com/</a> inside a FreeBSD jail. My Nextcloud instance is externally accessible, and yet if someone were to get inside my Jail, I could rest easy knowing they still didn’t have access to the rest of my host server. I chronicled the setup process including jail setup using iocage <a href="https://github.com/iocage/iocage" rel="nofollow">https://github.com/iocage/iocage</a>, https with Lets Encrypt <a href="https://letsencrypt.org/" rel="nofollow">https://letsencrypt.org/</a>, and full setup of the web stack.