Correct usage of /srv on debian systems

I'm a bit confused about what goes inside /srv and looking for good practices about its usage on Debian.

Acording to the FHS: "/srv contains site-specific data which is served by this system".

However I'm not sure if things like MySQL data files, munin's rrd files and stuff like that can/should be stored in /srv since they are not "served" directly.

I'm not asking if it's possible or how can it be accomplished, I'm asking about your experiences and good practices.

Solution 1:

I personally use the /srv hierarchy to serve:

• web server static content under /srv/www. In Debian (and RHEL derivatives) where SELinux compliance is important, this path is listed as httpd_sys_content by default:

  /srv/([^/]*/)?www(/.*)? all files  system_u:object_r:httpd_sys_content_t:s0
  

• NFSv4 exports. These filesystems are mounted under var/exports and bind-mounted under /srv/nfsv4/$export, and /srv/nfsv4 is configured to be the fsid=0. This path is also considered in the default SELinux policy:

  /srv/([^/]*/)?nfsv4(/.*)? all files  system_u:object_r:nfs_t:s0
  

• in Debian systems (i.e., no cobbler) I used to host all my tftp structure for provisioning, under /srv/tftpd/.

Another usual practice is to dedicate a logical volume to each of these services, this way you can specify mount options to help hardening your system, e.g., by mounting /srv/tftpd with ro,nodev,nosuid,noexec.