Hi,
I’ve been trying to set up fail2ban for jellyfin both running in docker from compose and I’m doing something wrong.
Can someone tell me what path in the docker compose file you use for jellyfin logs and what path you use in the jail.d and the filter in filter.d?
Thanks
PS. Sorry for low detail, but I’m on phone and don’t have my current conf readily available. Will provide if necessary.
Why? Fail2ban is best placed on the host closest to a network entrypoint. Unless you’re intentionally avoiding a bridged network, this isn’t going to do much for your security unless the containers are directly addressed by an attached interface and an open service.
I won’t go into a whole diatribe, but you should be running containers as single-process instances of applications. You only cause issues by cramming other process to run inside a container.
What are you using it to block, exactly?
Oh I can see how my title could be misunderstood - what I meant is that both jellyfin and fail2ban are running in (separate) docker containers. Not both services crammed.into one.
That’s worse.
Fail2ban isn’t an application like jellyfin, it’s a security framework that should be built in to the gateway router.
But what are you trying to use fail2ban for?
To prevent brute force login attempts into my jellyfin service.
These people seem…pretty stupid tbh. Maybe they don’t understand what fail2ban is, or what it does, but you should absolutely use fail2ban. Security is objectively better by just having it enabled than not for any service, not just jellyfin.