Feature request - log file generation for fail2ban to monitor

[jedd]

Greetings,

I'm running a dedicated VM for rainy, which is publically visible on its own port, of course. I would like to protect it with fail2ban. Is there a way to monitor failed connection attempts other than using "Mono --debug"?

Also from a security perspective, can I ask if there's a way for users to change their own password, or indeed for admin to change the password for a given user?

[Dynalon]

Right now there is only the debug.log / Rainy -vvvv.

Note that --debug for mono does not give you rainy output, but for non-developers useless output of the mono runtime - you might want to disable this as it impacts performance.

If you have enabled note encryption, there is no way for the user or admin to change the password.

The admin will never be able to change a users password by design, because the pasword is the encryption key secret. Allowing the admin to do so would require rainy to store the key, which defeats the whole purpose of note encryption.

As for user passwords change, it is somewhat planned but not yet exposed to rainy as an API. The code to reencrypt a note backend is there, but not yet finished. This will come in future versions.

[jedd]

Great, thanks Dynalon - will do some more testing to make sure I can recover my notes after a server rebuild, but so far it's looking really good. Forgive my apparent obtuseness, but could you please point me at the method for enabling / disabling note encryption by the way?

[Dynalon]

Disabling encryption is not possible ATM. It is in the code, it works for unit tests etc. but there are some pieces missing in exposing it as the REST api, thus I removed the config option from the settings.conf.

[jedd]

Aha - it all makes sense now! Thanks again.