Great. Thanks for that.
Im running v0.9.1 not sure about systemd version. It's Ubuntu 15.04
So I've followed your notes however I'm getting a load of:
Jul 27 07:05:04 lisa fail2ban-client[2299]: ERROR NOK: ('nginx-http-auth',)
When I do a status on the fail2ban service. Is that something I need to worry
about?
My filter :
https://gist.githubusercontent.com/willwade/5e76a5e916a79ca55e44/raw/97d864a95afc5d304c079a542cb00ded0978df2d/nginx-http-auth.conf
My jail.local section :
https://gist.githubusercontent.com/willwade/5e76a5e916a79ca55e44/raw/97d864a95afc5d304c079a542cb00ded0978df2d/jail.local
My fail2ban status output;
https://gist.githubusercontent.com/willwade/5e76a5e916a79ca55e44/raw/97d864a95afc5d304c079a542cb00ded0978df2d/output
Many thanks
Will
> On 27 Jul 2015, at 02:10, Harrison Johnson <[email protected]> wrote:
>
> What version of fail2ban are you using? And they what version of systemd are
> you using. I don't know about nginx but in general create a jail.local with:
>
> [nginx]
> enabled = true
> backend = systemd
>
> Then you need to know the systmed unit name is
> ?> systemctl | grep '.*nginx.*'
>
> you should have a line that says something like nginx.service
>
> in the /filter.d folder either edit the nginx.conf or make a ngnix.local
> file. Either way under the section:
> [Init]
> journalmatch = _SYSTEMD_UNIT=nginx.service
>
> then systemstl restart fail2ban.service to restart the server watch the log
> file on start up for errors. But before you switch over run this to make sure
> your journals are good.
>
> ?> journalctl --verify.
>
>
>> On Sun, 2015-07-26 at 21:56 +0100, Will Wade wrote:
>> Hi there
>> I'm on Ubuntu 15.04 and got nginx running fine. As per this question though
>> I noted that log rotate was screwy :
>> http://askubuntu.com/questions/629375/nginx-logrotate-logs
>>
>> The bottom answer is probably the correct one - I should switch over to
>> systemd. I have done but fail2ban really really can't read my logs now (it
>> couldn't when log rotate was bust but now it's totally not..)
>>
>> So I read that fail2ban* has been patched to deal with reading from systemd
>> but how? Can anyone give me a pointer?
>>
>> Many thanks
>>
>> Will
>>
>> * https://github.com/fail2ban/fail2ban/pull/224
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Fail2ban-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Fail2ban-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
