Comment on Help setting up fail2ban for jellyfin both in docker?
just_another_person@lemmy.world 2 days ago
Why? Fail2ban is best placed on the host closest to a network entrypoint. Unless you’re intentionally avoiding a bridged network, this isn’t going to do much for your security unless the containers are directly addressed by an attached interface and an open service.
I won’t go into a whole diatribe, but you should be running containers as single-process instances of applications. You only cause issues by cramming other process to run inside a container.
What are you using it to block, exactly?
basic_user@lemmy.world 2 days ago
Oh I can see how my title could be misunderstood - what I meant is that both jellyfin and fail2ban are running in (separate) docker containers. Not both services crammed.into one.
InvertedParallax@lemm.ee 2 days ago
That’s worse.
Fail2ban isn’t an application like jellyfin, it’s a security framework that should be built in to the gateway router.
just_another_person@lemmy.world 2 days ago
But what are you trying to use fail2ban for?
basic_user@lemmy.world 2 days ago
To prevent brute force login attempts into my jellyfin service.