Tag: database

  • Setup fail2ban for MariaDB or Mysql running in Docker container

    Install fail2ban

    • Prevent hacker brute-force into server by public IP and public port
    • Run these command to install fail2ban
    sudo apt install fail2ban
    sudo systemctl enable fail2ban --now
    sudo systemctl status fail2ban
    sudo fail2ban-client status
    sudo fail2ban-client status sshd
    sudo fail2ban-client status mysqld-auth
    

    Expose database logs from container to host machine disk

    • check existing logs in Docker container docker logs some-mariadb-container-name
    • map custom cnf folder to MariaDB/Mysql Docker volume according to https://hub.docker.com/_/mariadb
    • see a complete list of available mariadb config.cnf options, just run docker run -it --rm mariadb:latest --verbose --help
    • add this line to your docker-compose.yml or portainer volumes: - /home/ubuntu/mariadb/cnf-folder:/etc/mysql/conf.d
    [mariadb]
    log-basename=master1
    log-warning=2
    expire-logs-days=30
    
    • log will wirte to disk at /home/ubuntu/mariadb-mysqldata/master1.err
    • sudo vi /home/ubuntu/mariadb-mysqldata/master1.err check running logs
    • restart mariadb container

    Add mariadb or mysql to fail2ban jail

    • sudo vi /etc/fail2ban/jail.local
    [mysqld-auth]
    enabled   = true
    port      = 58968
    filter    = mysqld-auth
    logpath   = /home/ubuntu/mariadb-mysqldata/master1.err
    findtime  = 3600
    maxretry  = 2
    bantime   = 86400
    
    • restart service sudo systemctl restart fail2ban.service
    • sudo fail2ban-client status
    • sudo fail2ban-client status mysqld-auth