chore: remove webhook, .env.example; comment out optional compose vars

- Remove WEBHOOK_URL from server.js and compose (too many untestable edge cases)
- Delete .env.example (config is now inline in docker-compose.yml)
- Comment out ABUSEIPDB_API_KEY, CF_EMAIL, CF_APIKEY in compose by default

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -1,5 +1,4 @@
 # F2B Control Center — edit values below, then: docker-compose up -d
-# Cloudflare WAF banning: fill in CF_EMAIL + CF_APIKEY — activates automatically.
 
 version: "3.9"
 
@@ -28,10 +27,9 @@ services:
     environment:
       PORT:              "4000"
       SUBNETS_TO_IGNORE: "10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
-      ABUSEIPDB_API_KEY: ""   # optional — enables threat scoring & auto-ban
-      WEBHOOK_URL:       ""   # optional — POST on every manual ban
-      CF_EMAIL:          ""   # optional — Cloudflare account email (enables WAF banning)
-      CF_APIKEY:         ""   # optional — Cloudflare Global API Key
+      # ABUSEIPDB_API_KEY: ""   # enables threat scoring & auto-ban
+      # CF_EMAIL:          ""   # Cloudflare account email  (enables WAF banning)
+      # CF_APIKEY:         ""   # Cloudflare Global API Key (enables WAF banning)
       LOG_DIR:       "/nginx-logs"
       FAIL2BAN_LOG:  "/var/log/fail2ban.log"
       JAIL_LOCAL:    "/etc/fail2ban/jail.local"