Initial release: F2B Control Center v1.0
Fail2Ban + Nginx Proxy Manager dashboard in a single Docker container. Features: - Auto-ban via badbot, http-errors, npm-probe, manual-bans, recidive jails - Web dashboard: live ban grid, log scanner, per-IP access log viewer - iptables-nft banning (DOCKER-USER + INPUT chains) - Optional Cloudflare WAF banning - Optional AbuseIPDB threat scoring - Two-tier IP management: whitelist (trusted) vs exempt (reviewed) - Auto log-file detection via logwatch (no restart needed for new NPM hosts)
This commit is contained in:
67
supervisor.conf
Normal file
67
supervisor.conf
Normal file
@@ -0,0 +1,67 @@
|
||||
# ── supervisord configuration for F2B Control Center ─────────────────────────
|
||||
# Manages two processes inside the container:
|
||||
# 1. fail2ban — the banning daemon (starts first)
|
||||
# 2. dashboard — the Node.js web interface
|
||||
# ─────────────────────────────────────────────────────────────────────────────
|
||||
|
||||
[supervisord]
|
||||
nodaemon=true
|
||||
logfile=/dev/null
|
||||
logfile_maxbytes=0
|
||||
pidfile=/var/run/supervisord.pid
|
||||
loglevel=info
|
||||
|
||||
[unix_http_server]
|
||||
file=/var/run/supervisor.sock
|
||||
chmod=0700
|
||||
|
||||
[supervisorctl]
|
||||
serverurl=unix:///var/run/supervisor.sock
|
||||
|
||||
[rpcinterface:supervisor]
|
||||
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
|
||||
|
||||
# ── fail2ban ──────────────────────────────────────────────────────────────────
|
||||
[program:fail2ban]
|
||||
command=/usr/bin/fail2ban-server -xf start
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startretries=3
|
||||
startsecs=3
|
||||
stopwaitsecs=10
|
||||
# -x: remove stale socket before starting
|
||||
# -f: run in foreground (required for supervisor)
|
||||
stdout_logfile=/dev/stdout
|
||||
stdout_logfile_maxbytes=0
|
||||
stderr_logfile=/dev/stderr
|
||||
stderr_logfile_maxbytes=0
|
||||
priority=10
|
||||
|
||||
# ── log watcher ───────────────────────────────────────────────────────────────
|
||||
[program:logwatch]
|
||||
command=/logwatch.sh
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startretries=3
|
||||
startsecs=5
|
||||
stdout_logfile=/dev/stdout
|
||||
stdout_logfile_maxbytes=0
|
||||
stderr_logfile=/dev/stderr
|
||||
stderr_logfile_maxbytes=0
|
||||
priority=15
|
||||
|
||||
# ── dashboard ─────────────────────────────────────────────────────────────────
|
||||
[program:dashboard]
|
||||
command=/usr/local/bin/node /app/server.js
|
||||
directory=/app
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startretries=5
|
||||
startsecs=3
|
||||
stopwaitsecs=10
|
||||
stdout_logfile=/dev/stdout
|
||||
stdout_logfile_maxbytes=0
|
||||
stderr_logfile=/dev/stderr
|
||||
stderr_logfile_maxbytes=0
|
||||
priority=20
|
||||
environment=NODE_ENV="production"
|
||||
Reference in New Issue
Block a user