Has anyone had any success setting up a fail2ban jail for Duplicacy? The way the log file is set up it makes it really challenging to build a regex for fail2ban.
So you want a log message when there is a failed login attempt (either for the master password or the administration password)? Currently no log message is printed when a wrong password is entered.
Actually I’m using @saspus docker container so I should actually reach out to him instead about the way he set up logging for the container.
@saspus I have no way of opening issues in bitbucket or maybe I haven’t looked hard enough. The current way the duplicacy_web.log is generated makes it very difficult to parse multiple lines with a fail2ban regex.
For instance this is an entry example:
2020/12/06 22:32:14 172.18.0.3:53068 POST /verify_password
2020/12/06 22:32:14 Incorrect admin password: derived token is <64_character_token>, admin token is <64_character_token>
I’ve tried multiple variations of writing a fail2ban regex for this but because the second line doesn’t have an IP or a hostname, fail2ban acts up and their workaround has not worked for me. Do you think you can help me?
duplicacy_web.log is generated by duplciacy_web. I don’t do anything with it except redirecting to container’s STDOUT.
My bad. That was a tiny project made for myself and I was using bitbucket just to dump and version scripts somewhere. But now I guess enough people use it and I realized I have never enabled issue tracker there. Done now.
Amazing project. I love it!
Yes, I can add the ip address to the log message in the coming release.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.