From e997059e2a1ed9778cc414f0c2ee4a0d21a2b93e Mon Sep 17 00:00:00 2001 From: Michael Reber Date: Wed, 14 Jan 2026 19:13:46 +0100 Subject: [PATCH] External IP Lookup Disable Feature implemented with environment variable: DISABLE_EXTERNAL_IP_LOOKUP --- README.md | 22 ++++++++++++++++++++++ pkg/web/handlers.go | 9 +++++++-- pkg/web/static/js/init.js | 5 ++++- pkg/web/templates/index.html | 2 ++ 4 files changed, 35 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 9700e75..1427d3d 100644 --- a/README.md +++ b/README.md @@ -329,6 +329,24 @@ podman run -d \ Access the web interface at `http://localhost:3080`. +**Disable External IP Lookup** (Privacy) + +By default, the web UI displays your external IP address by querying external services. For privacy reasons, you can disable this feature using the `DISABLE_EXTERNAL_IP_LOOKUP` environment variable: + +```bash +podman run -d \ + --name fail2ban-ui \ + --network=host \ + -e DISABLE_EXTERNAL_IP_LOOKUP=true \ + -v /opt/podman-fail2ban-ui:/config:Z \ + -v /etc/fail2ban:/etc/fail2ban:Z \ + -v /var/log:/var/log:ro \ + -v /var/run/fail2ban:/var/run/fail2ban \ + swissmakers/fail2ban-ui:latest +``` + +When set, the "Your ext. IP:" display will be completely hidden and no external IP lookup requests will be made. + **Volume Mounts Explained** | Volume | Required | Purpose | @@ -468,6 +486,10 @@ The **Fail2Ban Callback URL** is a critical setting that determines how Fail2Ban 3. **Port Changes:** - When you change the Fail2Ban UI port (via `PORT` environment variable or UI settings), the callback URL automatically updates if it's using the default localhost pattern + +**Privacy Settings** + +- **External IP Lookup**: By default, the web UI displays your external IP address. To disable this feature for privacy reasons, set the `DISABLE_EXTERNAL_IP_LOOKUP` environment variable to `true` or `1`. This will hide the "Your ext. IP:" display and prevent any external IP lookup requests. - For custom callback URLs (e.g., reverse proxy or custom IP), you must manually update them to match your setup **Important Notes:** diff --git a/pkg/web/handlers.go b/pkg/web/handlers.go index 4fdf81e..b684351 100644 --- a/pkg/web/handlers.go +++ b/pkg/web/handlers.go @@ -1118,9 +1118,14 @@ func shouldAlertForCountry(country string, alertCountries []string) bool { // IndexHandler serves the HTML page func IndexHandler(c *gin.Context) { + // Check if external IP lookup is disabled via environment variable + // Default is enabled (false means enabled, true means disabled) + disableExternalIP := os.Getenv("DISABLE_EXTERNAL_IP_LOOKUP") == "true" || os.Getenv("DISABLE_EXTERNAL_IP_LOOKUP") == "1" + c.HTML(http.StatusOK, "index.html", gin.H{ - "timestamp": time.Now().Format(time.RFC1123), - "version": time.Now().Unix(), + "timestamp": time.Now().Format(time.RFC1123), + "version": time.Now().Unix(), + "disableExternalIP": disableExternalIP, }) } diff --git a/pkg/web/static/js/init.js b/pkg/web/static/js/init.js index 20f1f0c..fd42d9e 100644 --- a/pkg/web/static/js/init.js +++ b/pkg/web/static/js/init.js @@ -3,7 +3,10 @@ window.addEventListener('DOMContentLoaded', function() { showLoading(true); - displayExternalIP(); + // Only display external IP if the element exists (not disabled via template variable) + if (document.getElementById('external-ip')) { + displayExternalIP(); + } // Initialize header components (clock and status indicator) if (typeof initHeader === 'function') { diff --git a/pkg/web/templates/index.html b/pkg/web/templates/index.html index bd22815..34417c0 100644 --- a/pkg/web/templates/index.html +++ b/pkg/web/templates/index.html @@ -116,10 +116,12 @@
+ {{if not .disableExternalIP}}
Your ext. IP: Loading…
+ {{end}}