https://github.com/ttionya/fail2ban
Periodically build a debian-based image using `crazymax/fail2ban` to support the `systemd` backend. (Docker)
https://github.com/ttionya/fail2ban
Last synced: 8 months ago
JSON representation
Periodically build a debian-based image using `crazymax/fail2ban` to support the `systemd` backend. (Docker)
- Host: GitHub
- URL: https://github.com/ttionya/fail2ban
- Owner: ttionya
- License: mit
- Created: 2024-11-18T13:37:23.000Z (11 months ago)
- Default Branch: master
- Last Pushed: 2024-12-20T08:11:39.000Z (10 months ago)
- Last Synced: 2024-12-27T07:35:54.557Z (10 months ago)
- Language: Shell
- Homepage:
- Size: 374 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# fail2ban
[](https://hub.docker.com/r/ttionya/fail2ban/tags) [](https://hub.docker.com/r/ttionya/fail2ban) [](https://github.com/ttionya/fail2ban/blob/master/LICENSE)
This project is forked from [crazy-max/docker-fail2ban](https://github.com/crazy-max/docker-fail2ban) and modified based on it. **Any subsequent mention of `upstream` refers to that project.**
**Note: If you are NOT looking for this project with a strong purpose, please use the [crazymax/fail2ban](https://hub.docker.com/r/crazymax/fail2ban) image directly.**
## About
Two modifications were made when rebuilding of this project:
1. Built based on `debian:12-slim` instead of `alpine`
Alpine does not support the `systemd` backend. If you need to set `backend: systemd` due to the journal logging system, you can try using this image.
2. Built-in `inotify-tools`, including the `inotifywait` command.
If your log file names rotate over time, you can use `inotifywait` to monitor file creation or deletion and reload fail2ban.
## Usage
### fail2ban
The configuration for fail2ban is the same as upstream, please refer to the [crazy-max/docker-fail2ban documentation](https://github.com/crazy-max/docker-fail2ban/blob/master/README.md).
### inotifywait
You can use the built-in `inotifywait` to monitor the creation and removal of log files.
You only need to mount the configuration file to `/etc/inotifywait.conf`. **This configuration file is specific to this image.**
The typical configuration file is as follows:
```
# fail2ban-client reload (for all)
-m -e create,moved_from --include .*\.access\..*\.log$ /var/logs/nginx
# fail2ban-client reload nginx
-m -e create,moved_from --include .*\.access\..*\.log$ /var/logs/nginx [nginx]
# fail2ban-client reload nginx && fail2ban-client reload httpd
-m -e create,moved_from --include .*\.access\..*\.log$ /var/logs/nginx [nginx httpd]
```
1. Each line is an option section for `inotifywait` (excluding the `inotifywait` command).
2. Blank lines and lines starting with `#` are ignored.
3. The trailing `[jail]` is **OPTIONAL** and represents which jails need to be reloaded when the watch is triggered, separated by **SPACES**.
## Example
```sh
docker run -d \
--mount type=bind,source=/path/to/fail2ban/data,target=/data \
--mount type=bind,source=/path/to/inotifywait.conf,target=/etc/inotifywait.conf \
--mount type=bind,source=/path/to/logs,target=/var/logs \
ttionya/fail2ban
```
## Versioning
The version is divided into three parts, separated by hyphens (`-`).
| Part | Version | Description |
|------|---------|----------------------------------------------------------|
| 1 | `1.1.0` | `fail2ban` version number |
| 2 | `r1` | Upstream version number |
| 3 | `1` or `b1` | Project version number (`b` for beta, number for stable) |
The image version number follows the upstream release method and only retains the `fail2ban` version number.
## Schedule
To ensure the use of the latest dependencies, this image is rebuilt every Monday at 6:00 AM.
## Thanks
- [crazy-max/docker-fail2ban](https://github.com/crazy-max/docker-fail2ban)
- [Byh0ki/fail2ban](https://gitlab.com/byh0ki-org/containers/fail2ban)
- [fail2ban/fail2ban](https://github.com/fail2ban/fail2ban)
## License
MIT