Hi Everyone,
The NextCloudPi Docker image does not contain Fail2Ban.
I’m currently running NCP on a docker container using an external BTFRS formatted hard drive for the data.
I was wondering how can I get to the NextCloud log files so that I can use Fail2Ban on the host with my dockerized NCP container…
Thank you in advance for any suggestions!
Mario
Depending distro
sudo apt install fail2ban
should install it, for configuration options can check man pages or have a look at How to Install and Configure Fail2Ban to Secure Linux Server
And full how-to is in the gist.
You only need to locate yours nextcloud.log file. It is in data folder, so please check how you run your container and where you mount your data folder. Then just added this path to the config.
Thank you very much! Working like a charm!
Hi,
I also want fail2ban for my NCP dockers exposed ports. I located my nextcloud.log, did 2 wrong logins and got “Login failed:”, but as Remote IP I get always my docker0 interface ip address 172.18.0.1.
So I won’t catch intruders but only myself. Just checked from home LAN. Not yet connected to internet.
Docker runs in default bridge mode.
TIA
Same answer as above from myself and Gas85
Install and configure fail2ban manually, as ncp docker does not include them.
Thanks, for the quick answer. Yes, I’ve read, and yes fail2ban is installed on my Pi (the docker host). I also found the nextcloud.log, where I see the “Login failed:” but:
I don’t see the real source address in the nextcloud.log I see for different sources (smartphone&desktop pc) always the bridge ip/gateway from the docker net (172.18.0.1).
So if fail2ban will catch it, it will block all traffic then, as all visitors and intruders will have 172.18.0.1 in the log. And this is the log in the container, so if I install f2b in the container as well, I will have the same problem.