Initial release: F2B Control Center v1.0

Dockerized Fail2Ban + dashboard for Nginx Proxy Manager. - Single-container image (fail2ban + Node.js + supervisord) - Pre-built NPM filters: badbot, http-errors, npm-probe, manual-bans - Web dashboard with live ban feed, log scanner, AbuseIPDB integration - Configurable via environment variables and .env file - Persistent volumes for config and ban history - Webhook support for ban event notifications - README, .gitignore, MIT license Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-20 14:40:59 +00:00
commit dd7f8dd1a2
20 changed files with 2432 additions and 0 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,47 @@
+# ── F2B Control Center — environment configuration ───────────────────────────
+# Copy this file to .env and fill in your values.
+# Only NPM_LOG_DIR is strictly required to get started.
+# ─────────────────────────────────────────────────────────────────────────────
+
+# ── Required ──────────────────────────────────────────────────────────────────
+
+# Path to your Nginx Proxy Manager log directory on the host.
+# This directory will be mounted read-only inside the container.
+# Common paths:
+#   /opt/npm/data/logs
+#   /home/docker/NGINX/data/logs
+#   /docker/nginx-proxy-manager/data/logs
+NPM_LOG_DIR=/opt/npm/data/logs
+
+# ── Dashboard ─────────────────────────────────────────────────────────────────
+
+# Port the dashboard listens on (host port when using network_mode: host)
+DASHBOARD_PORT=4000
+
+# ── AbuseIPDB integration (optional but recommended) ─────────────────────────
+# Enables IP reputation lookups and auto-ban by abuse score.
+# Free API keys available at https://www.abuseipdb.com/
+ABUSEIPDB_API_KEY=
+
+# Minimum AbuseIPDB confidence score (0–100) to trigger auto-ban
+AUTOBAN_THRESHOLD=75
+
+# ── Log scanning ──────────────────────────────────────────────────────────────
+
+# Default lookback window when scanning nginx logs (days)
+DEFAULT_LOOKBACK_DAYS=3
+
+# Comma-separated CIDR subnets to skip during log scanning and banning.
+# Include your LAN, Docker bridge, and any trusted networks.
+SUBNETS_TO_IGNORE=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
+
+# ── Optional integrations ─────────────────────────────────────────────────────
+
+# Webhook URL: receives a POST request on every manual ban action.
+# Payload: { "action": "ban", "ip": "1.2.3.4", "jail": "manual-bans", "ts": "..." }
+# Examples: Discord webhook, n8n, Slack, custom endpoint
+WEBHOOK_URL=
+
+# Path to a custom script to run after whitelist changes (e.g. Cloudflare sync).
+# The script is executed as a background fire-and-forget process.
+# CF_SYNC=/usr/local/bin/cloudflare-whitelist-sync.sh