il/ilnmors-homelab
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cb4d17f99e136637c975ff12309f32f58b0dd60d
ilnmors-homelab/docs/issues/crowdsec/260321_immich.md
il cb4d17f99e docs(issues): add the past issues which existed before tracking issues 
add crowdsec false positive issues

fix the file name of affine android oidc issues
2026-04-27 19:50:04 +09:00

1.0 KiB
Raw Blame History

Immich crowdsec false positive issue

Status

  • Finished

Date

  • 2026-03-21

Version

  • Immich: 2.6.1

Problem

  • When users access and log in Immich while Immich is generating thumbnail, all connections to homelab services are refused.
    • fw ban users' IP address.

Reason

  • Immich sends 404 error to clients when the client request thumbnail while it is generating them.
  • LAPI decides a ban when a lot of 404 errors occur in short time

Timeline

  • 2026-03-21: Release Immich
  • 2026-03-21: Find the false positive case, and add whitelist

Solution

  • Access to fw
    • Check the ban list with sudo cscli alerts list
    • Read the ban case with sudo cscli alerts inspect $NUMBER
  • Add regex on whitelist
    • evt.Meta.target_fqdn == 'Immich.ilnmors.com' && evt.Meta.http_path contains '/api/assets/' && evt.Meta.http_path contains '/thumbnail'
  • Delete false positive decision
    • Check false positive decision with sudo cscli decision list
    • Delete false positive decision with sudo cscli decision list --id $ID
Reference in New Issue View Git Blame Copy Permalink