@sbourdette said in Z-push / Fail2ban / backend unavailable:
Every night, I stop the backend for backup purpose. (30min)
Then every device trying to sync during this time is banned because the authentification to the backend is unavailable.
assuming your fail2ban jail is called “z-push” and the host serving z-push “zphost”:
Before taking down the backend, call
ssh zphost 'fail2ban-client stop z-push'
When your server is ready to authenticate again, call
ssh zphost 'fail2ban-client reload z-push'
The latter will throw an error, which can be ignored - alternatively call reload twice.
The above procedure will prevent fail2ban from reacting on the specific jail while your server is down.