2024-06-19, 07:52 PM
That very well could be it. Let me investigate what this fail2ban config could look like against nginx. Thanks for brainstorming with me!
|
2024-06-19, 08:04 PM
(This post was last modified: 2024-06-19, 08:05 PM by TheDreadPirate. Edited 1 time in total.)
You wouldn't need to setup a separate fail2ban config for nginx. You'd stream the jellyfin logs to the nginx container, or put the jellyfin logs in a place both containers can read, and then setup the exact same fail2ban jellyfin config you are using now but on the nginx container.
Jellyfin 10.10.1 (Docker)
Ubuntu 24.04 LTS Intel i3 12100 Intel Arc A380 OS drive - SK Hynix P41 1TB Storage 3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library) ![[Image: GitHub%20Sponsors-grey?logo=github]](https://img.shields.io/badge/GitHub%20Sponsors-grey?logo=github){kind=icon}
2024-06-19, 08:50 PM
Your other option is to configure Jellyfin to write logs to a non-standard directory and that directory is a mapped volume on both nginx and jellyfin. Or symlinks.
Jellyfin 10.10.1 (Docker)
Ubuntu 24.04 LTS Intel i3 12100 Intel Arc A380 OS drive - SK Hynix P41 1TB Storage 3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
2024-06-19, 09:24 PM
Problem solved. Guidance seems to be that fail2ban should be on the most edge server in the network so your thinking was correct. Using this guide (https://betterstack.com/community/guides...og-server/) I set up an rsyslog server/client setup. On the client, I then streamed the JF logs into rsyslog, then forwarded the logs from .106 to .108. I migrated my f2b implementation to .108 as well and boom, it works.
Here's my custom config file for rsyslog: # Forward logs to rsyslog server *.* @@192.168.1.108:514 module(load="imfile" PollingInterval="10") #needs to be done just once input(type="imfile" File="/home/<username>/jellyfin/config/log/log*.log" Tag="jellyfin") jellyfin.* /home/<username>/jellyfin/config/log/log*.log 
1
|
|
|
|
|
