swissmakers_gmbh/fail2ban-ui
12
1
Fork 0
mirror of https://github.com/swissmakers/fail2ban-ui.git synced 2026-04-19 06:53:14 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Rewrite the documentation part 1

Browse Source
This commit is contained in:
Michael Reber
2026-02-14 00:14:43 +01:00
parent 85a286e3be
commit c18f753fdb
8 changed files with 543 additions and 1175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
docs/troubleshooting.md Normal file
View File

@@ -0,0 +1,106 @@
# Troubleshooting
## UI not reachable
Check:
- Container/service is running
- Host firewall allows the configured port
- Reverse proxy forwards correctly (if used)
- Firewalld port allowed?
Examples:
```bash
podman ps
podman logs fail2ban-ui
# systemd:
systemctl status fail2ban-ui
journalctl -u fail2ban-ui -f
# firewalld:
firewall-cmd --list-all
firewall-cmd --add-port=8080/tcp --permanent
firewall-cmd --reload
````
## Local connector fails
Check:
* Fail2Ban is running and socket exists
* Container has the socket mounted
* Permissions allow access to the socket
* SELinux problems
Examples:
```bash
systemctl status fail2ban
ls -la /var/run/fail2ban/fail2ban.sock
fail2ban-client status
# check the socked in the container:
podman exec -it fail2ban-ui ls -la /var/run/fail2ban/fail2ban.sock
# SELinux check for alerts (needs "setroubleshoot" linux package):
sealert -a /var/log/audit/audit.log
```
## SSH connector fails
Check:
* Key-based SSH works outside the UI
* Service account exists and has required sudo / facl permissions
* ACLs also allow modifications under `/etc/fail2ban`
Examples:
```bash
ssh -i ~/.ssh/<key> <user>@<host>
sudo -l -U <user>
getfacl /etc/fail2ban
# Connect manually from the fail2ban-UI connector to the remote host: (this example uses the "development/ssh_and_local" dev stack)
sudo podman exec -it fail2ban-ui ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o BatchMode=yes -i /config/.ssh/id_rsa -p 2222 testuser@127.0.0.1
```
## Bans fail due to firewall backend (nftables / firewalld)
Symptoms often mention `iptables (nf_tables)` or action startup errors.
Fix:
* Use Fail2Ban banactions matching your host firewall backend:
* firewalld (use on Rocky / Red Hat / Almalinux): `firewallcmd-rich-rules`, `firewallcmd-allports`
* nftables: `nftables-multiport`, `nftables-allports`
* legacy iptables: `iptables-multiport`, `iptables-allports`
## OIDC login problems
Check:
* Issuer URL is correct and reachable
* Redirect URI matches exactly: `https://<host>/auth/callback`
* Provider client configuration includes post-logout redirect to `https://<host>/auth/login`
Logs:
```bash
podman logs fail2ban-ui
# Also enable debug logging over env or over the webUI
```
## Database issues
Check:
* `/config` is writable by the container/service user
* SQLite file permissions are correct
Example:
```bash
ls -la /opt/fail2ban-ui
sqlite3 /opt/fail2ban-ui/fail2ban-ui.db "PRAGMA integrity_check;"