How to secure NCP + docker?

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
,
7

Fail2ban & docker

This setup seems to work for me. Follow the nextcloud tutorial for “jail” and “filter” files creation, moreover add a line banaction = docker-action to the “jail” file and finally create a file /etc/fail2ban/action.d/docker-action.conf where, according to this post, should be something like this:

[Definition]
actioncheck = iptables -n -L FORWARD | grep -q 'DOCKER-USER[ \t]'
actionban = iptables -I DOCKER-USER -s <ip> -j DROP
actionunban = iptables -D DOCKER-USER -s <ip> -j DROP

Restart fail2ban service and that’s it, I am not sure if this is a correct setup but I have tested it and after failed login attempts, an IP is successfully blocked.