hey @benzkji,
sounds legit, I guess the gateway/router can be translated to “load balancer” within the context of Nextcloud’s brute-force documentation, therefore your router will be flagged as brute-force source.
One possible solution (please understand before applying) is to whitelist IPs. You can do this in: settings/admin/security if you have the brute-force settings app installed. But do not add your gateway there, this will essentially disable brute-force detection for your NextBox, just your local machines’ IPs make sense to add here, as specific as possible.
Further Nextcloud has a mechanism to handle IPs as “proxy”, thus not count these as sources, but try to use the hop before (although I am not totally aware of how this exactly works). The backwards-proxy configuration uses this like that inside the nextcloud config:
    'trusted_proxies' =>
    array (
      0 => '123.123.123.123',
    ),

123.123.123.123 is then to be replaced with your gateway IP. I’ve not tried this and can’t really tell if it will solve your issue. Keep in mind that this will be overwritten, if you activate the backwards proxy…
Last but not least, if your current solution is logging in via ssh, you might also automate this via a single ssh command like this:
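    # The remote command is one double-quoted string, so the SQL reaches mysql as a single -e argument.
    # No space after -p: mysql only takes the password when it is attached to the flag.
    ssh nextuser@123.123.123.123 \
        "docker exec nextbox-compose_db_1 \
        mysql -u root -pyourmysqlpass nextcloud -e \
        'DELETE FROM bruteforce_attempts WHERE <some-identification-for-row>'"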
But on the other side, this implies you are logging in from a LAN IP, then you could also simply whitelist this IP, guess this should help (if the whitelist works as I expect currently).
<insert-ssh-is-not-supported-warning-here>
feel free to share what helped best,
cheers
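
How a trusted-proxy entry changes which address failed logins are attributed to, as an added example that is not part of the original post and not Nextcloud's own code. It is a simplified model that assumes the proxy sends an X-Forwarded-For header and that the nearest untrusted hop is used; `counted_source`, `failed_logins_by_source` and all sample requests are constructed for illustration.

```python
import ipaddress
from collections import Counter

GATEWAY = "123.123.123.123"   # the post's placeholder for the gateway IP

def counted_source(remote_addr, forwarded_for, trusted_proxies):
    """Address a failed login is attributed to (simplified model, an assumption)."""
    nets = [ipaddress.ip_network(p, strict=False) for p in trusted_proxies]

    def trusted(addr):
        ip = ipaddress.ip_address(addr)
        return any(ip in net for net in nets)

    # The header is only honoured when the direct peer is a trusted proxy;
    # otherwise any client could forge it and shift the blame.
    if not forwarded_for or not trusted(remote_addr):
        return remote_addr
    # Walk from the hop nearest the server outwards, skipping trusted proxies.
    for hop in reversed([h.strip() for h in forwarded_for.split(",")]):
        try:
            if not trusted(hop):
                return hop
        except ValueError:      # malformed entry: ignore it
            continue
    return remote_addr

def failed_logins_by_source(requests, trusted_proxies):
    """Count constructed failed-login requests per attributed source address."""
    return Counter(counted_source(r, x, trusted_proxies) for r, x in requests)

# Constructed sample: (TCP peer address, X-Forwarded-For value or None)
REQUESTS = [
    (GATEWAY, "192.168.1.50"),          # LAN client behind a proxying gateway
    (GATEWAY, "203.0.113.9"),           # outside client, same gateway
    (GATEWAY, "203.0.113.9"),
    (GATEWAY, None),                    # gateway doing plain NAT: no header
    ("198.51.100.7", "192.168.1.50"),   # untrusted peer sending a forged header
]

if __name__ == "__main__":
    print("no trusted_proxies:", dict(failed_logins_by_source(REQUESTS, [])))
    print("gateway trusted:   ", dict(failed_logins_by_source(REQUESTS, [GATEWAY])))
```

In this model a gateway that only does NAT adds no header, so its address stays the counted source even when it is listed as trusted.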