NextCloudPi on Docker ArmHf - how to get Fail2Ban functionality back

Hi Everyone,

The NextCloudPi Docker image does not contain Fail2Ban.
I’m currently running NCP on a docker container using an external BTFRS formatted hard drive for the data.
I was wondering how can I get to the NextCloud log files so that I can use Fail2Ban on the host with my dockerized NCP container…

Thank you in advance for any suggestions!
Mario

Depending distro

sudo apt install fail2ban

should install it, for configuration options can check man pages or have a look at https://linuxhandbook.com/fail2ban-basic/

And full how-to is in the gist.
You only need to locate yours nextcloud.log file. It is in data folder, so please check how you run your container and where you mount your data folder. Then just added this path to the config.

Thank you very much! Working like a charm!

1 Like

Hi,

I also want fail2ban for my NCP dockers exposed ports. I located my nextcloud.log, did 2 wrong logins and got “Login failed:”, but as Remote IP I get always my docker0 interface ip address 172.18.0.1.
So I won’t catch intruders but only myself. Just checked from home LAN. Not yet connected to internet.
Docker runs in default bridge mode.

TIA

Same answer as above from myself and Gas85
Install and configure fail2ban manually, as ncp docker does not include them.

Thanks, for the quick answer. Yes, I’ve read, and yes fail2ban is installed on my Pi (the docker host). I also found the nextcloud.log, where I see the “Login failed:” but:

I don’t see the real source address in the nextcloud.log I see for different sources (smartphone&desktop pc) always the bridge ip/gateway from the docker net (172.18.0.1).

So if fail2ban will catch it, it will block all traffic then, as all visitors and intruders will have 172.18.0.1 in the log. And this is the log in the container, so if I install f2b in the container as well, I will have the same problem.