I have also made the bitwarden user owner and given and verified write permissions of that user to bitwarden.log. However when I restart bitwarden and intentionally create a login failure in the webui, no logs appear in that file.
I have also tried putting the bitwarden.log file within the /opt/bitwarden/bwdata/logs/ (this is the logDirectory globalSetting) with no change.
Am I doing something wrong or is there another strategy I should be taking to accomplish this? I do see a syslog__destination in the globalSettings. Should this be used?
Based on that, I looked in that folder and found failure logs from yesterday and the day before (from before the changes I made in the above post). I commented out the three lines that I added to the global.override.env and restarted bitwarden. I then attempted a failed login but a new text file with today’s date was not created and an event was not logged.
I looked at the nginx logs and it seems like that produces a 400 and records the IP on failed attempts so maybe I can just use that. I’ve never setup fail2ban before though so I’m wondering if there was a reason others didn’t do that in the article I linked to above. I can’t help but think there’s a reason for all that.