Posts by reeloop

    Hi,


    I´ve tried to set up Onlyoffice Container for Nextcloud.


    Unfortunatly I´ve ended in reset permissions for some AppData folders and messed up completly :(. Now all Dockers fail to work correctly.

    Is there a fix to reset the permissions?


    I get this error for every Container I try to restart:


    Error response from daemon: Cannot restart container: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"/s6-init\": permission denied": unknown


    For example letsencrypt-docker:

    pasted-from-clipboard.png


    Homeassistant:

    pasted-from-clipboard.png


    permissions for sharedfolders:

    pasted-from-clipboard.png


    permissions for AppData:

    pasted-from-clipboard.png


    Could someone please tell me which permissions I´ve to set?


    best regards

    Dirk

    I´ve copied the nextcloud.log manually and run the regex test:


    Test seems to be ok and find some failed logins, but status of the jail is:


    Code
    Status for the jail: nextcloud
    |- Filter
    | |- Currently failed: 0
    | |- Total failed: 0
    | `- File list: /config/log/nginx/nextcloud.log
    `- Actions
    |- Currently banned: 0
    |- Total banned: 0
    `- Banned IP list:

    Hm, ok, is it possible to save the log outside the nextcloud docker or alternative read the nextcloud docker location from the letsencrypt docker?


    If I try to set a path outside the container-path in nextcloud config.php nothing happens.
    If I try to read a path outside the letsencrypt container-path in fail2ban jail, fail2ban will not start:

    Code
    Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?

    No, the logfile is /sharedfolders/Nextcloud/nextcloud.log



    If I use this path in jail.conf I´m not able to start fail2ban service:

    Code
    Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?

    I believe it´s because this path is not available in the docker letsencrypt in which fail2ban is active!?

    Hi,


    thanks, unfortunately I´m not able to install fail2ban, there is only this waiting screen:
    Bildschirmfoto 2018-12-30 um 17.09.47.png


    Nevertheless, I´ve fail2ban is already installed with the letsencrypt docker: https://hub.docker.com/r/linuxserver/letsencrypt


    I´ve found the error log with the failed logins in my Nextcloud-Folder /sharedfolders/Nextcloud/nextcloud.log


    Code
    {"reqId":"oni6bfmPMlF6SV1A8FIU","level":2,"time":"2018-12-30T15:24:11+01:00","remoteAddr":"172.18.0.2","user":"--","app":"core","method":"POST","url":"\/index.php\/login","message":"Login failed: 'test' (Remote IP: '172.18.0.2')","userAgent":"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/71.0.3578.98 Safari\/537.36","version":"15.0.0.10"}

    If I put this path to jail.conf fail2ban will not start, I believe because it runs in a docker without access to "/sharedfolders/Nextcloud"!?


    So for testing I put a copy of the file in /sharedfolders/AppData/letsencrypt/log/nginx/nextcloud.log
    fail2ban is starting, but there is still no success:

    Code
    Status for the jail: nextcloud
    |- Filter
    | |- Currently failed: 0
    | |- Total failed: 0
    | `- File list: /config/log/nginx/nextcloud.log
    `- Actions
    |- Currently banned: 0
    |- Total banned: 0
    `- Banned IP list:

    My Jail.conf:

    My filter "nextcloud.conf":


    Code
    [Definition]
    failregex=^{"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)","level":2,"time":".*"}$
    ^{"reqId":".*","level":2,"time":".*","remoteAddr":".*","app":"core".*","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)".*}$
    ^.*\"remoteAddr\":\"<HOST>\".*Trusted domain error.*$

    I´ve tried your filter, but it´s also not working.

    Hi,


    I followed the videos by technodadlife to setup nextcloud in docker. Everything works fine, except fail2ban.
    I can do as many failed logins without getting blocked, there is only 30 seconds delay for each new login.


    Status of the jails with "docker exec -it letsencrypt fail2ban-client status":

    Code
    |- Number of jail: 3
    `- Jail list: nginx-badbots, nginx-botsearch, nginx-http-auth


    Status for the jail: nginx-http-aut

    Code
    |- Filter
    | |- Currently failed: 0
    | |- Total failed: 0
    | `- File list: /config/log/nginx/error.log
    `- Actions
    |- Currently banned: 0
    |- Total banned: 0
    `- Banned IP list:


    My jail.local

    Is the path to the logfiles for fail2ban correct?
    /config/log/nginx/error.log
    /config/log/nginx/access.log


    I can find nextcloud-logs in "/sharedfolders/letsencrypt/log/nginx/"
    "access.log" and "error.log"


    In access.log I find a login with the false username, but there is no hint for an error:
    31.16.115.12 - - [29/Dec/2018:22:45:21 +0100] "GET /index.php/login?user=fake HTTP/1.1" 200 4573 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"


    I think fail2ban listen to the wrong log-files, but I can´t find the right path, maybe my nextcloud-settings for the logs are wrong?
    I´ve already tried to change my nextcloud config.php and add the following lines:



    Code
    'log_type' => 'file',
    'loglevel' => 2,
    'logtimezone' => 'Europe/Berlin',
    'logfile' => '/var/log/nextcloud.log',


    But there is nothing in nextcloud.log


    Maybe someone can help me with that.


    Thanks!