Initial release: F2B Control Center v1.0

Fail2Ban + Nginx Proxy Manager dashboard in a single Docker container.

Features:
- Auto-ban via badbot, http-errors, npm-probe, manual-bans, recidive jails
- Web dashboard: live ban grid, log scanner, per-IP access log viewer
- iptables-nft banning (DOCKER-USER + INPUT chains)
- Optional Cloudflare WAF banning
- Optional AbuseIPDB threat scoring
- Two-tier IP management: whitelist (trusted) vs exempt (reviewed)
- Auto log-file detection via logwatch (no restart needed for new NPM hosts)

docker-compose.yml

@@ -0,0 +1,45 @@
+# F2B Control Center — edit values below, then: docker compose up -d
+
+services:
+
+  npm:
+    image: jc21/nginx-proxy-manager:latest
+    container_name: nginx-proxy-manager
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+      - "81:81"
+    volumes:
+      - ./data/npm:/data
+      - ./data/letsencrypt:/etc/letsencrypt
+
+  f2b-control-center:
+    build: .
+    container_name: f2b-control-center
+    restart: unless-stopped
+    depends_on:
+      - npm
+    network_mode: host
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    environment:
+      PORT:              "4000"
+      SUBNETS_TO_IGNORE: "10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
+      # ABUSEIPDB_API_KEY: ""   # enables threat scoring & auto-ban
+      # CF_EMAIL:          ""   # Cloudflare account email  (enables WAF banning)
+      # CF_APIKEY:         ""   # Cloudflare Global API Key (enables WAF banning)
+      LOG_DIR:       "/nginx-logs"
+      FAIL2BAN_LOG:  "/var/log/fail2ban.log"
+      JAIL_LOCAL:    "/etc/fail2ban/jail.local"
+      MANUAL_JAIL:   "manual-bans"
+      BAN_HIST_FILE: "/data/ban-history.json"
+    volumes:
+      - ./data/npm/logs:/nginx-logs
+      - f2b-data:/data
+      - f2b-config:/etc/fail2ban
+
+volumes:
+  f2b-data:
+  f2b-config: