trying to follow this tutorial, i was not able to get fail2ban to work in my setup, so here is a gist in case I forget.
sudo apt install fail2bansudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.localedit your preferred defaults in here. e.g. bantime, ignoreip
volumes:
- /path/to/logs:/data/logs[INCLUDES]
[Definition]
failregex = ^<HOST>.+" (4\d\d|3\d\d) (\d\d\d|\d) .+$
^.+ 4\d\d \d\d\d - .+ \[Client <HOST>\] \[Length .+\] ".+" .+$
#https://www.the-lazy-dev.com/en/install-fail2ban-with-docker/
[Definition]
actionstart = iptables -N f2b-npm-docker
iptables -A f2b-npm-docker -j RETURN
iptables -I FORWARD -p tcp -m multiport --dports 0:65535 -j f2b-npm-docker
actionstop = iptables -D FORWARD -p tcp -m multiport --dports 0:65535 -j f2b-npm-docker
iptables -F f2b-npm-docker
iptables -X f2b-npm-docker
actioncheck = iptables -n -L FORWARD | grep -q 'f2b-npm-docker[ \t]'
actionban = iptables -I f2b-npm-docker -s <ip> -j DROP
actionunban = iptables -D f2b-npm-docker -s <ip> -j DROP
[npm]
enabled = true
chain=INPUT
maxretry = 3
bantime = 48h
findtime = 60m
logpath = /path/to/logs/default-host_*.log
/path/to/logs/proxy-host-*.log
action = docker-action
On step 3 mount your log folder outside of nginx proxy manager. Are you referring to redirecting and mounting the nginx proxy logs outside of the proxy or is it just mounting the fail2ban log there? Sorry i'm just a little confused and any help would be appreciated. I've been trying different configs over the past few days and even though fail2ban has been able to see the nginx logs, nothing has been banned so I am starting over with this solution.