# F2B Control Center — edit values below, then: docker compose up -d

services:

  npm:
    image: jc21/nginx-proxy-manager:latest
    container_name: nginx-proxy-manager
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "81:81"
    volumes:
      - ./data/npm:/data
      - ./data/letsencrypt:/etc/letsencrypt

  f2b-control-center:
    build: .
    container_name: f2b-control-center
    restart: unless-stopped
    depends_on:
      - npm
    network_mode: host
    cap_add:
      - NET_ADMIN
      - NET_RAW
    environment:
      PORT:              "4000"
      SUBNETS_TO_IGNORE: "10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
      # ABUSEIPDB_API_KEY: ""   # enables threat scoring & auto-ban
      # CF_EMAIL:          ""   # Cloudflare account email  (enables WAF banning)
      # CF_APIKEY:         ""   # Cloudflare Global API Key (enables WAF banning)
      LOG_DIR:       "/nginx-logs"
      FAIL2BAN_LOG:  "/var/log/fail2ban.log"
      JAIL_LOCAL:    "/etc/fail2ban/jail.local"
      MANUAL_JAIL:   "manual-bans"
      BAN_HIST_FILE: "/data/ban-history.json"
    volumes:
      - ./data/npm/logs:/nginx-logs
      - f2b-data:/data
      - f2b-config:/etc/fail2ban

volumes:
  f2b-data:
  f2b-config: