Fail2Ban Docker Setup

letarzen · August 9, 2020, 12:44pm

Hello,
i would like to set up fail2ban in addition to Nextcloud (Docker, v19, x86-64). For this purpose I have set up a Bind Mount on /var/www. When I want to access the log file now, “Permission denied” appears.

What can I do? Best without changing the permissions?

Thanks

Edit: I tried changing the permissions anyway. When I want to display it on the host system, only chmod 777 works, but the permission is reset after every change of the log file by Nextcloud.

Reiner_Nippes · August 9, 2020, 8:22pm

as which user?

nextcloud.log has default permission 0640 (web-server user). and that’s a good idea. in terms of security.

letarzen · August 10, 2020, 5:46am

Thanks for your answer.

This message appears when I access the file as a non-root user on the host system. For this reason Fail2Ban cannot access the file.

gas85 · August 10, 2020, 1:10pm

Usually fail2ban executed as root, otherwise it could not influence iptables or any other Firewall that you have. In this case there should not be any problem to access any log in a system.
Also check this out:

gist.github.com

https://gist.github.com/GAS85/957e0b1a4f30120225a7be09b173eb24

nextcloud_fail2ban.md

Fail2ban and Nextcloud
=====================================

## Prerequsits

* Ubuntu 20.04
* nextcloud, fail2ban and e.g. iptables are installed

## Short how-to harden your Nextcloud Server with Fail2Ban

This file has been truncated. show original

letarzen · August 10, 2020, 6:15pm

Thanks. You’re right. I assumed fai2ban wouldn’t work because fail2ban regex didn’t work. But now everything works.