diff --git a/www/docs/deployment.md b/www/docs/deployment.md new file mode 100644 index 00000000..eed261cb --- /dev/null +++ b/www/docs/deployment.md @@ -0,0 +1,34 @@ +## Fail2ban + +File Browser does not natively support protection against brute force attacks. Therefore, we suggest using something like [fail2ban](https://github.com/fail2ban/fail2ban), which takes care of that by tracking the logs of your File Browser instance. For more information on how fail2ban works, please refer to their [wiki](https://github.com/fail2ban/fail2ban/wiki). + +### Filter Configuration + +An example filter configuration targeted at matching File Browser's logs. + +```ini +[INCLUDES] +before = common.conf + +[Definition] +datepattern = `^%%Y\/%%m\/%%d %%H:%%M:%%S` +failregex = `\/[a-z]*\/[a-z]*: \d{3} *` +``` + +### Jail Configuration + +An example jail configuration. You should fill it with the path of the logs of File Browser, as well as the port where it is running at. + +```ini +[filebrowser] + +enabled = true +port = [your_port] +filter = filebrowser +logpath = [your_log_path] +maxretry = 10 +bantime = 10m +findtime = 10m +banaction = iptables-allports +banaction_allports = iptables-allports +``` diff --git a/www/docs/installation.md b/www/docs/installation.md index 0f22c06a..05e1b5b4 100644 --- a/www/docs/installation.md +++ b/www/docs/installation.md @@ -78,8 +78,10 @@ File Browser is now up and running. Read some [first boot](#first-boot) for more Your instance is now up and running. File Browser will automatically bootstrap a database, in which the configuration and the users are stored. You can find the address in which your instance is running, as well as the randomly generated password for the user `admin`, in the console logs. -Although this is the fastest way to bootstrap an instance, we recommend you to take a look at other possible options, by checking `config init --help` and `config set --help`, to make the installation as safe and customized as it can be. - > [!WARNING] > > The automatically generated password for the user `admin` is only displayed once. If you fail to remember it, you will need to manually delete the database and start File Browser again. + +Although this is the fastest way to bootstrap an instance, we recommend you to take a look at other possible options, by checking `config init --help` and `config set --help`, to make the installation as safe and customized as it can be. + +If your goal is to have a public-facing deployment, we recommend taking a look at the [deployment](deployment.md) page for more information on how you can secure your installation. diff --git a/www/mkdocs.yml b/www/mkdocs.yml index 4d31bb47..d489dcd5 100644 --- a/www/mkdocs.yml +++ b/www/mkdocs.yml @@ -97,8 +97,10 @@ extra: nav: - Home: index.md - - Installation: installation.md - - Configuration: configuration.md + - Getting Started: + - Installation: installation.md + - Configuration: configuration.md + - Deployment: deployment.md - Contributing: - Contributing: contributing.md - Code of Conduct: code-of-conduct.md