When you configure /t/apache/, /t/nginx/ or what ever web server software you prefer, point the root directory at /public/ and keep anything you don't want people to publicly access a level under that directory. It's not rocket appliances (NSFW: Language).
* By like, I mean like. Names are not accurate for security reasons.
Personally my web based repo's are like* this:
When you configure /t/apache/, /t/nginx/ or what ever web server software you prefer, point the root directory at /public/ and keep anything you don't want people to publicly access a level under that directory. It's not rocket appliances (NSFW: Language).
* By like, I mean like. Names are not accurate for security reasons.