docker-compose.example.yml

services:
  fail2ban-ui:
    # Use pre-built image from Docker Hub (default)
    image: swissmakers/fail2ban-ui:latest

    # Alternative: Use Swissmakers registry (fallback)
    # image: registry.swissmakers.ch/infra/fail2ban-ui:latest

    # Or build from source (uncomment to use):
    # build:
    #   context: .
    #   dockerfile: Dockerfile

    container_name: fail2ban-ui
    #privileged: true # needed if you want to use a container-local fail2ban instance (because fail2ban.sock is owned by root)
    # a single all-in-one container is planned, currently you need to use the fail2ban container from linuxserver, see docker-compose-allinone.yml for an example
    network_mode: host

    environment:
      # Optional: Change this to use a different port for the web interface (defaults is 8080)
      - PORT=8080
      # Optional: Bind to a specific IP address (default: 0.0.0.0)
      # This is useful when running with host networking to prevent exposing
      # the web UI to unprotected networks. Set to a specific IP (e.g., 127.0.0.1
      # or a specific interface IP) to restrict access.
      # - BIND_ADDRESS=127.0.0.1
    volumes:
      # Required for fail2ban-ui: Stores SQLite database, application settings, and SSH keys of the fail2ban-ui container
      - /opt/podman-fail2ban-ui:/config:Z
      # Required for fail2ban-ui: Used for testing, that logpath is working, before enabeling a jail. Without this read only access the fail2ban-ui will not be able to enable jails (logpath-test would fail)
      - /var/log:/var/log:ro

      # Required for local fail2ban instance: Fail2Ban configuration directory, needed for managing a local Fail2Ban instance (e.g. on host system) via fail2ban-ui
      - /etc/fail2ban:/etc/fail2ban:Z
      # Required for local fail2ban instance: Fail2Ban socket directory, needed for local Fail2Ban (e.g. on host system) for control via fail2ban-ui
      - /var/run/fail2ban:/var/run/fail2ban

      # Optional: Enables geographic IP analysis features via GeoIP databases (GeoIP must be installed and configured on the host system)
      - /usr/share/GeoIP:/usr/share/GeoIP:ro

    restart: unless-stopped
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`services:`
			`fail2ban-ui:`
Changed default image to swissmakers/fail2ban-ui:latest with swissmakers registry as a commented fallback 2026-01-11 20:38:02 +01:00			`# Use pre-built image from Docker Hub (default)`
			`image: swissmakers/fail2ban-ui:latest`

			`# Alternative: Use Swissmakers registry (fallback)`
			`# image: registry.swissmakers.ch/infra/fail2ban-ui:latest`
Refactor jail.local and jail.d management 2025-12-03 20:43:44 +01:00
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`# Or build from source (uncomment to use):`
			`# build:`
			`# context: .`
			`# dockerfile: Dockerfile`
Refactor jail.local and jail.d management 2025-12-03 20:43:44 +01:00
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`container_name: fail2ban-ui`
Update example docker compose files 2025-12-15 13:44:41 +01:00			`#privileged: true # needed if you want to use a container-local fail2ban instance (because fail2ban.sock is owned by root)`
			`# a single all-in-one container is planned, currently you need to use the fail2ban container from linuxserver, see docker-compose-allinone.yml for an example`
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`network_mode: host`
Refactor jail.local and jail.d management 2025-12-03 20:43:44 +01:00
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`environment:`
implemented bind address environment variable. 2025-12-30 17:08:20 +01:00			`# Optional: Change this to use a different port for the web interface (defaults is 8080)`
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`- PORT=8080`
implemented bind address environment variable. 2025-12-30 17:08:20 +01:00			`# Optional: Bind to a specific IP address (default: 0.0.0.0)`
			`# This is useful when running with host networking to prevent exposing`
			`# the web UI to unprotected networks. Set to a specific IP (e.g., 127.0.0.1`
			`# or a specific interface IP) to restrict access.`
			`# - BIND_ADDRESS=127.0.0.1`
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`volumes:`
Update example docker compose files 2025-12-15 13:44:41 +01:00			`# Required for fail2ban-ui: Stores SQLite database, application settings, and SSH keys of the fail2ban-ui container`
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`- /opt/podman-fail2ban-ui:/config:Z`
Update example docker compose files 2025-12-15 13:44:41 +01:00			`# Required for fail2ban-ui: Used for testing, that logpath is working, before enabeling a jail. Without this read only access the fail2ban-ui will not be able to enable jails (logpath-test would fail)`
			`- /var/log:/var/log:ro`
Refactor jail.local and jail.d management 2025-12-03 20:43:44 +01:00
Update example docker compose files 2025-12-15 13:44:41 +01:00			`# Required for local fail2ban instance: Fail2Ban configuration directory, needed for managing a local Fail2Ban instance (e.g. on host system) via fail2ban-ui`
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`- /etc/fail2ban:/etc/fail2ban:Z`
Update example docker compose files 2025-12-15 13:44:41 +01:00			`# Required for local fail2ban instance: Fail2Ban socket directory, needed for local Fail2Ban (e.g. on host system) for control via fail2ban-ui`
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`- /var/run/fail2ban:/var/run/fail2ban`
Refactor jail.local and jail.d management 2025-12-03 20:43:44 +01:00
Update example docker compose files 2025-12-15 13:44:41 +01:00			`# Optional: Enables geographic IP analysis features via GeoIP databases (GeoIP must be installed and configured on the host system)`
Add docker compose example and update the documentation to it 2025-12-01 13:26:42 +01:00			`- /usr/share/GeoIP:/usr/share/GeoIP:ro`
Update example docker compose files 2025-12-15 13:44:41 +01:00
			`restart: unless-stopped`