Advice on Implementation on Docker with Host Using nginx?

[smyoss]

First of all, I'd like to express my gratitude for creating such an amazing project. Thank you for your hard work and dedication!

I am writing to seek your assistance with implementing Fail2ban for Kimai, which is running in Docker and Nginx, while Fail2ban is running in the host machine.

I've been trying to figure out the best approach for implementing Fail2ban to secure my Kimai installation, but I'm not sure how to configure it properly. I would greatly appreciate any guidance or tips that you may have on this.

Some of the specific issues that I'm encountering include:

• How to configure Fail2ban to monitor the logs of Kimai running in Docker and Nginx on the host machine. I'd like to have fail2ban at that level as I have many other instances already using it. I can't get Kimai to detect the bad login and write it to the syslog. I'm using the following right now in my docker configuration:

• logging:
  driver: "syslog"
  options:
    tag: "kimai-time"
  

• What would be the best Fail2ban filter and regex to use for detecting and banning suspicious activity in Kimai. I'm using the default one you provided.

• Any other considerations or best practices that I should be aware of when implementing Fail2ban for Kimai in Docker.

I would be grateful if you could provide any assistance or point me in the right direction. Thank you again for your amazing project and for any help that you can offer. Thank you!

Cheers.

Steve.

[BeckeBauer]

I mapped the folder

    volumes:
      - ./var:/opt/kimai/var

In the subfolder /var/logs you will find the fail2ban.log file
You can use it as logpath in your jail.d config and block IPs with unauthorized access to your Kimai app