Update .gitignore to exclude fail2ban data directory, clean up docker-compose.yaml by removing unused volume mappings, and add new Fail2Ban filter configurations for enhanced security against various attack vectors.

fail2ban/filter.d/http-get-dos.conf

@@ -0,0 +1,8 @@
+[Definition]
+# Count lots of requests from same IP regardless of status code.
+# Prefer X-Forwarded-For (client IP behind proxy), fallback to remote_addr.
+failregex = ^.*"x_forwarded_for":"<HOST>".*"(GET|POST|HEAD)".*$
+            ^.*"remote_addr":"<HOST>".*"(GET|POST|HEAD)".*$
+
+# Ignore health and stub_status hits
+ignoreregex = ^.*"request_uri":"\/(?:stub_status|health\/system|health\/worker|pgadmin4(?:\/|$)|\.well-known\/acme-challenge\/|.*\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))".*$