Initial release: F2B Control Center v1.0

Dockerized Fail2Ban + dashboard for Nginx Proxy Manager.

- Single-container image (fail2ban + Node.js + supervisord)
- Pre-built NPM filters: badbot, http-errors, npm-probe, manual-bans
- Web dashboard with live ban feed, log scanner, AbuseIPDB integration
- Configurable via environment variables and .env file
- Persistent volumes for config and ban history
- Webhook support for ban event notifications
- README, .gitignore, MIT license

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -0,0 +1,92 @@
+# ── F2B Control Center — docker-compose ──────────────────────────────────────
+#
+# QUICK START:
+#   1. cp .env.example .env
+#   2. Set NPM_LOG_DIR to your Nginx Proxy Manager log path
+#   3. docker-compose up -d
+#
+# NETWORK MODE:
+#   network_mode: host is the recommended default.
+#   This allows fail2ban's iptables rules to block traffic at the host level,
+#   which is required when Nginx Proxy Manager receives traffic from the host
+#   network stack (the typical Docker-based NPM setup).
+#
+#   If you only want the dashboard (no active iptables blocking), you can
+#   switch to bridge networking by commenting out network_mode and
+#   uncommenting the ports section instead.
+# ─────────────────────────────────────────────────────────────────────────────
+
+version: "3.9"
+
+services:
+  f2b-control-center:
+    build: .
+    image: f2b-control-center:latest
+    container_name: f2b-control-center
+    restart: unless-stopped
+
+    # Required for iptables rules to manipulate the host network stack.
+    # network_mode: host makes the container share the host's network namespace,
+    # so fail2ban bans affect traffic arriving at the host.
+    network_mode: host
+
+    # Alternative (bridge mode — dashboard only, no host-level blocking):
+    # Comment out network_mode above and uncomment these:
+    # ports:
+    #   - "${DASHBOARD_PORT:-4000}:4000"
+    # cap_add:
+    #   - NET_ADMIN
+    #   - NET_RAW
+
+    environment:
+      # ── Dashboard ────────────────────────────────────────────────────────
+      PORT: "${DASHBOARD_PORT:-4000}"
+
+      # AbuseIPDB integration (optional but recommended)
+      # Get a free API key at https://www.abuseipdb.com/
+      ABUSEIPDB_API_KEY: "${ABUSEIPDB_API_KEY:-}"
+
+      # Auto-ban: AbuseIPDB confidence score threshold (0-100)
+      AUTOBAN_THRESHOLD: "${AUTOBAN_THRESHOLD:-75}"
+
+      # Default lookback window for nginx log scanning (days)
+      DEFAULT_LOOKBACK_DAYS: "${DEFAULT_LOOKBACK_DAYS:-3}"
+
+      # Comma-separated CIDR subnets to ignore in scans and bans
+      SUBNETS_TO_IGNORE: "${SUBNETS_TO_IGNORE:-10.0.0.0/8,172.16.0.0/12,192.168.0.0/16}"
+
+      # Optional: POST ban events to this URL (e.g. Discord webhook, n8n, etc.)
+      WEBHOOK_URL: "${WEBHOOK_URL:-}"
+
+      # ── Internal paths — change only if you remap volumes ────────────────
+      LOG_DIR:        "/nginx-logs"
+      FAIL2BAN_LOG:   "/var/log/fail2ban.log"
+      JAIL_LOCAL:     "/etc/fail2ban/jail.local"
+      MANUAL_JAIL:    "manual-bans"
+      BAN_HIST_FILE:  "/data/ban-history.json"
+
+    volumes:
+      # ── REQUIRED: your Nginx Proxy Manager access log directory ──────────
+      # Change NPM_LOG_DIR in .env to match your setup.
+      # Default paths for common NPM Docker setups:
+      #   /opt/npm/data/logs        (appdata-style)
+      #   /home/docker/NGINX/data/logs
+      #   /docker/nginx-proxy-manager/data/logs
+      - "${NPM_LOG_DIR:-/opt/npm/data/logs}:/nginx-logs:ro"
+
+      # ── Persistent application data (ban history) ─────────────────────
+      - f2b-data:/data
+
+      # ── Fail2ban configuration (survives container updates) ───────────
+      # Edit /etc/fail2ban/jail.local inside the container or mount a local
+      # directory here to manage config files outside the container.
+      - f2b-config:/etc/fail2ban
+
+    labels:
+      com.f2b-control-center.description: "Fail2Ban Control Center for Nginx Proxy Manager"
+
+volumes:
+  f2b-data:
+    driver: local
+  f2b-config:
+    driver: local