fail2ban won't start using nextcloud.log with jail

0
votes

I have nextcloud installed and working fine in a docker but want to have fail2ban monitor the log files for brute force attempts. I know nextcloud has it's own baked in but it just throttles the log in attempts and I would like to all out ban them (I also have this problem with other containers as well). The docker-compose is set to create the nextcloud.log file to /mnt/nextcloud/log/nextcloud.log. I followed this guide to create the jail

https://www.c-rieger.de/nextcloud-installation-guide-ubuntu/#c06

Fail2ban is running on the host machine however, fail2ban fails to start with: 

[447]: ERROR   Failed during configuration: Have not found any log file for nextcloud jail

[447]: ERROR   Async configuration of server failed

Thinking it was simply a permission issue, I chowned everything to root and tried to start again but still the service won't start. What am I doing wrong?

Thanks for the help!

1
dockerdocker-composedockerfilenextcloudfail2ban

1 Answers

0
votes

The docker-compose is set to create the nextcloud.log file to /mnt/nextcloud/log/nextcloud.log

Be sure this file really exists and your jail.local has correct entry logpath:

[nextcloud]
...
logpath = /mnt/nextcloud/log/nextcloud.log

You can also check resulting config using dump:

fail2ban-client -d | grep 'nextcloud.*logpath'

But I'm still not sure the error message you provide was throwed by fail2ban, because its error messages look different, see https://github.com/fail2ban/fail2ban/commit/27947407bc7910f0f50972113218ebc73c4a22c7

It should be something like:

-have not found a log file for nextcloud log
+Have not found any log file for nextcloud jail