New to Cloudron. Having different issues
-
Hello Everyone,
I have been using Cloudron for about a month now, testing it and different apps I want to use. Up until about a week or so ago, I was able to access my /var/log/auth.log, /var/log/fail2ban.logs, etc. Now I cannot access them via ssh.
I am on 22.04 have created a sudo user and configured the Cloudron per the Cloudron docs. All logs seemed to have been accessible until about a week or so ago.
Moreover, I have not received several notifications from Cloudron such as weekly digests, app notifications, etc. since installation. The only notification I have received has been a new user logon to the Cloudron. Nothing else. My email system seems to work fine since it shows configured correctly and all the test emails are received.
Can someone please help me try to solve this/these issues?
-
@qilin said in New to Cloudron. Having different issues:
Now I cannot access them via ssh.
What do you mean by this? That you are not able to SSH into the server at all or you get some permission denied after you SSH?
Moreover, I have not received several notifications from Cloudron such as weekly digests, app notifications, etc. since installation. The only notification I have received has been a new user logon to the Cloudron. Nothing else. My email system seems to work fine since it shows configured correctly and all the test emails are received.
There is no weekly digest email on Cloudron. App notification by email depends on the app. Can you tell us which app you are refering to?
Generally, we removed most email notifications because people complained that they were mostly annoying and not serving any purpose. So... you have to visit the dashboard to see notifications now.
-
G girish marked this topic as a question on
-
Hi @girish. Thanks for the reply.
@qilin said in New to Cloudron. Having different issues:
Now I cannot access them via ssh.
What do you mean by this? That you are not able to SSH into the server at all or you get some permission denied after you SSH?
If I try to access them via ssh into the server. Thus cat /var/log/auth.log or cat var/log/fail2ban.log yields nothing. It just goes back to the command prompt. A week ago it would display the logs. I have not made any modifications since then.
I can log into the server fine with my ssh key and by the user which has sudo privileges. I have disabled root logins and password logins.
Therefore, I am not sure why I cannot access these logs anymore. I am thinking its a permissions issue, but don't know where to start with this.
Moreover, I have not received several notifications from Cloudron such as weekly digests, app notifications, etc. since installation. The only notification I have received has been a new user logon to the Cloudron. Nothing else. My email system seems to work fine since it shows configured correctly and all the test emails are received.
There is no weekly digest email on Cloudron. App notification by email depends on the app. Can you tell us which app you are refering to?
I have tried this with a Grav installation but I think you answered this part of the question since I was expecting notifications by email from Cloudron. The logs on the Cloudron dashboard do show the errors, memory issues, app restarts, etc.
Generally, we removed most email notifications because people complained that they were mostly annoying and not serving any purpose. So... you have to visit the dashboard to see notifications now.
Ok. I understand. I just read in the docs that this is what Cloudron was supposed to do. No worries. Thank you for letting me know.
-
@qilin said in New to Cloudron. Having different issues:
If I try to access them via ssh into the server. Thus cat /var/log/auth.log or cat var/log/fail2ban.log yields nothing. It just goes back to the command prompt. A week ago it would display the logs. I have not made any modifications since then.
Cloudron does not use fail2ban, so /var/log/fail2ban.log won't have anything. As for ssh access logs, try
journalctl -fa -u sshsince sshd logs to syslog/journalctl on Cloudron. -
@qilin Also for email, you can check if Cloudron is configured properly to send email in the Email view. There, select a domain and go to Status tab. You can also send a test email from the Email view - https://docs.cloudron.io/email/#send-test-email
-
I understand Cloudron does not come with fail2ban, but I followed the install docs and then the security docs here: https://docs.cloudron.io/security/. I have configured everything as per the docs.
I also installed fail2ban. That said /var/log/auth +/var/log/fail2ban used to work even a few weeks after Cloudron was installed. journalctl -fa -u ssh and lastlog work fine.
fail2ban service is working also.fail2ban-client status sshd yields:
A few weeks ago with Cloudron installed I could still access /var/log/fail2ban and /var/log/auth. Now its only through the above. The strange part is that there are no bans which is worrisome to me. While I was installing Cloudron there were several attempts to access ssh and now none are logged and/or banned.
journalctl sshd logs do not show other attempts to access my server via ssh. It only shows my logins via ssh.
So I am concerned why I cannot seem to find any ssh login attempts and cannot access some logs.
-
-
@qilin said in New to Cloudron. Having different issues:
No problems here. The email part works fine It was the notifications by email that I was referring to before and expecting to get from the Cloudron, as per the docs here:
Whoops, that is indeed outdated. Will fix.
-
@qilin said in New to Cloudron. Having different issues:
The strange part is that there are no bans which is worrisome to me.
So, this doesn't work most because fail2ban itself works by scanning log files and as you said, there is nothing in the auth.log.
Generally, this is outside Cloudron configuration (as in, Cloudron does not configure or update all this on the server). My understanding is sshd logs always to syslog. You can check the Facility with which it logs in /etc/ssh/sshd_config. I think from there it goes to /etc/rsyslog.d/* config files to log based on the facility. Not 100% sure, maybe others can chime in.
-
G girish has marked this topic as solved on
It was the notifications by email that I was referring to before and expecting to get from the Cloudron, as per the docs here: