My YunoHost server
Hardware: Chuwi larkbox pro (small computer box with intel x86_64 processor)
YunoHost version: 11.1.20.
I have access to my server : Through SSH & through the webadmin & direct access via keyboard / screen
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
Description of my issue
Hello all
I’m new here. I’m happily running a yunohost server since a couple of months. I was having a some minor issues which I couldn’t resolve. Then I found out there was a bunch of pending upgrades and updates, so I thought that might resolve the issues. I made the mistake to apply them all in one go without checking the server functionality between several updates. In the end I got a more serious issue: I couldn’t access the server anymore on my domain name and global IP. It took me some time to figure out something was going on with the fail2ban service. When I disable it everything functions normally. So at first it simply looks like my IP got banned (even though I haven’t had several failed login attempts). While that indeed is the case, there are a couple of other strange observations:
- When fail2ban is running the server is super slow, it clearly looks like a process is stuck in a loop. So, when I reach the server via its local IP things work, but very slowly.
- I had a closer look at the fail2ban configuration.
-Checking via
sudo cat /var/log/fail2ban.log
revealed the following ban:
[606]: NOTICE [recidive] Restore Ban
I tried removing the ban with
sudo fail2ban-client set recidive unbanip <my global ip>
though I get the following error:
[35019]: ERROR Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?
It turns out that the directory /var/run/fail2ban is empty.
Searching online didn’t give me precise clues, but some possible roads:
- Somewhere I found that the path used to be /run/fail2ban. This path also exists on my server, but it is also an empty directory.
- I found this command to reveal fail2ban errors:
fail2ban-client -x start
Which gave me two errors:
[27386]: ERROR Could not read config files: /etc/fail2ban/ [...with a list of .conf files related to all the installed apps]
[27386]: ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail
The conf files seemed to have permissions: 640. After changing to 644 this error disappeared.
So I’m still stuck with the unban issue, and I guess I also need to resolve the nginx log file issue. But I also wonder if this would resolve the hanging process issue I was speaking of. Perhaps a re-install of fail2ban would be appropriate? And if so, how to do that in a yunohost-way…?