Fail2Ban Docker Setup

i would like to set up fail2ban in addition to Nextcloud (Docker, v19, x86-64). For this purpose I have set up a Bind Mount on /var/www. When I want to access the log file now, “Permission denied” appears.

What can I do? Best without changing the permissions?


Edit: I tried changing the permissions anyway. When I want to display it on the host system, only chmod 777 works, but the permission is reset after every change of the log file by Nextcloud.

as which user?

nextcloud.log has default permission 0640 (web-server user). and that’s a good idea. in terms of security.

Thanks for your answer.

This message appears when I access the file as a non-root user on the host system. For this reason Fail2Ban cannot access the file.

Usually fail2ban executed as root, otherwise it could not influence iptables or any other Firewall that you have. In this case there should not be any problem to access any log in a system.
Also check this out:

1 Like

Thanks. You’re right. I assumed fai2ban wouldn’t work because fail2ban regex didn’t work. But now everything works.

1 Like