feat: auto-whitelist SSH IP in Fail2Ban and deduplicate entries #79

Merged: buildplan merged 6 commits into buildplan:main from Kuuchuu:v77-f2bwhitelisting, Nov 19, 2025

Kuuchuu (Contributor) commented Nov 19, 2025

This PR adds a prompt to auto-whitelist the user's SSH IP in Fail2Ban and adds a deduplication feature to the custom Fail2Ban whitelist.

Closes #78

Kuuchuu (Contributor, Author) commented Nov 19, 2025

If you would like, I can update the version number (77.1?) and sha256 as well.

@buildplan buildplan assigned buildplan and Kuuchuu and unassigned buildplan Nov 19, 2025
@buildplan buildplan added the enhancement New feature or request label Nov 19, 2025
buildplan (Owner) commented

I will spin up 2 VMs, Debian and Ubuntu, to test everything is ok and then I will merge. Is that ok?
And, yes, please update the version and checksum if that's ok. Thanks again.

buildplan (Owner) commented Nov 19, 2025

FYI -

A quick test shows this ... script exited after I added list of ip addresses to ignore.

Whitelist your current IP (xxxxxxxx) in Fail2Ban? [y/N]: y
✓ Added your current IP to whitelist.
Add additional IP addresses or CIDR ranges to Fail2Ban ignore list (e.g., Tailscale)? [y/N]: y
Enter IP addresses or CIDR ranges to whitelist, separated by spaces.
Examples:
  Single IP:               192.168.1.100
  CIDR Range:              10.0.0.0/8
  IPv6 Address:            2606:4700::1111
  > fe80::/10 172.80.0.0/16 172.16.0.0/12 10.0.0.0/8 100.64.0.0/10 fd7a:115c:a1e0::/48
./du_setup.sh: line 3712: seen[$ip]: unbound variable

Kuuchuu (Contributor, Author) commented Nov 19, 2025

Forgot to test with set -euo pipefail, my bad. Fixing any unset variables now.
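An added example, not code from du_setup.sh, of the failure class reported above: under `set -u`, reading an associative-array key that was never set aborts the script, so a `seen[...]` deduplication lookup needs a default. The function names are hypothetical, and reading the client address from `SSH_CONNECTION` is an assumption about how a session IP could be obtained.

```bash
#!/usr/bin/env bash
# Added example (not from du_setup.sh); function names are hypothetical.
set -euo pipefail

# Client address of the current SSH session. sshd exports SSH_CONNECTION as
# "client_ip client_port server_ip server_port"; it is unset on a local
# console, so the ":-" default is required under `set -u`.
ssh_client_ip() {
    local conn="${SSH_CONNECTION:-}"
    printf '%s\n' "${conn%% *}"
}

# Print each non-empty argument once, in first-seen order, space-separated.
dedupe_ips() {
    local -A seen=()
    local -a unique=()
    local ip
    for ip in "$@"; do
        [[ -n "$ip" ]] || continue
        # "${seen[$ip]}" without a default aborts under `set -u` the first
        # time a key is looked up; ":-" turns the miss into an empty string.
        if [[ -z "${seen[$ip]:-}" ]]; then
            seen[$ip]=1
            unique+=("$ip")
        fi
    done
    printf '%s\n' "${unique[*]:-}"
}

# Reproduce the unguarded lookup in a subshell so the caller keeps running.
demo_unsafe_lookup() {
    if ( set -u; declare -A seen=(); : "${seen[$1]}" ) 2>/dev/null; then
        echo "survived"
    else
        echo "aborted"
    fi
}

# Build a Fail2Ban ignoreip line: loopback, the session IP, then user entries.
build_ignoreip() {
    echo "ignoreip = $(dedupe_ips 127.0.0.1/8 ::1 "$(ssh_client_ip)" "$@")"
}
```
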

Kuuchuu (Contributor, Author) commented Nov 19, 2025

Sorry for the wait. Should be good now to do a full test.

buildplan (Owner) commented Nov 19, 2025

Thanks for doing this. Can you please make sure the checksum is valid? I think you made a change (Tailscale IPs) but the hash was generated before that.
I will check and merge later tonight.

Edit: Updated checksum.

Kuuchuu (Contributor, Author) commented Nov 19, 2025

After looking into it a bit I found the checksums did not match due to a difference in line endings. I was editing on Windows and vscode at some point threw in CRLF line terminators onto every line. I'm guessing when you checked the file it had been converted back to unix line endings. I'll push a change with the correct line endings. (EDIT: the repo did have the correct line endings, no push needed.) Thanks for catching that.

$ file /home/kuuchuu/du_setup.sh # Version scp'd from my Windows working dir
/home/kuuchuu/du_setup.sh: Bourne-Again shell script, Unicode text, UTF-8 text executable, with CRLF line terminators
$ file /tmp/du_setup.sh # Version manually created by pasting in code
/tmp/du_setup.sh: Bourne-Again shell script, Unicode text, UTF-8 text executable
$ sed -i 's/\r$//' /home/kuuchuu/du_setup.sh
$ file /home/kuuchuu/du_setup.sh
/home/kuuchuu/du_setup.sh: Bourne-Again shell script, Unicode text, UTF-8 text executable
$ sha256sum /home/kuuchuu/du_setup.sh
3ea3416cf0916ea92c382e1c899de0ef2f29535c9c93d1fa7466b4a78e1bb26d  /home/kuuchuu/du_setup.sh

EDIT: Looks like git was the real culprit:

C:\Users\Leora\Documents\Workshop\Bash\du_setup>git add .
warning: in the working copy of 'du_setup.sh', LF will be replaced by CRLF the next time Git touches it

C:\Users\Leora\Documents\Workshop\Bash\du_setup>git config --get core.autocrlf
true

C:\Users\Leora\Documents\Workshop\Bash\du_setup>git config core.autocrlf false

It converted the line endings on push locally, then I generated the checksum after it touched it. Never again shall it mistouch my files.
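The checksum mismatch described in the comment above, as an added example that is not part of the PR: a release check that tells a CRLF-only difference apart from a real content change. Helper names and the two-line sample script are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the PR; helper names are hypothetical.

# Succeeds if the file contains at least one CRLF line terminator.
has_crlf() {
    cr=$(printf '\r')
    grep -q "${cr}\$" "$1"
}

# SHA-256 of the bytes exactly as stored on disk.
sha256_raw() { sha256sum < "$1" | cut -d' ' -f1; }

# SHA-256 after stripping the CR before each newline, i.e. the digest the
# file would have with Unix line endings.
sha256_lf() { sed "s/$(printf '\r')\$//" "$1" | sha256sum | cut -d' ' -f1; }

# verify_release FILE EXPECTED_SHA256
#   0 = digest matches
#   1 = mismatch caused only by CRLF line endings
#   2 = content really differs
verify_release() {
    [ "$(sha256_raw "$1")" = "$2" ] && return 0
    [ "$(sha256_lf "$1")" = "$2" ] && return 1
    return 2
}

# Constructed sample: the same two-line script saved with LF and with CRLF.
demo() {
    d=$(mktemp -d)
    printf '#!/bin/bash\necho ok\n' > "$d/lf.sh"
    printf '#!/bin/bash\r\necho ok\r\n' > "$d/crlf.sh"
    expected=$(sha256_raw "$d/lf.sh")
    rc_lf=0;   verify_release "$d/lf.sh" "$expected"   || rc_lf=$?
    rc_crlf=0; verify_release "$d/crlf.sh" "$expected" || rc_crlf=$?
    rm -rf "$d"
    echo "lf=$rc_lf crlf=$rc_crlf"
}

demo
```

A `.gitattributes` entry such as `*.sh text eol=lf` pins LF in the working copy regardless of each contributor's `core.autocrlf` setting.
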

buildplan (Owner) commented Nov 19, 2025

I just tested this on a DigitalOcean VPS and it worked perfectly. Going to check on an Ubuntu as well just to be sure everything is ok.

I updated the checksum already by the way in your repo.

Edit: I haven't used Windows for quite some time, but on Linux I just double checked the script file and it seems fine. But if you need to push any change, go ahead. If you have any issues I can generate the checksum locally and push it again. I have your repo checked out.

Kuuchuu (Contributor, Author) commented Nov 19, 2025

No push should be needed, the repo does have the right line endings. Should be ready to go!
I sadly have to dual boot to run a few programs, and get stuck on Windows more often than I'd like 😮‍💨
Thank you for reviewing the PR and for bearing with me through my testing & Windows hiccups.

buildplan (Owner) commented

Worked perfectly on Ubuntu as well. Thanks a lot for doing this.

Please feel free to improve any other parts if you find time. Again thanks.

@buildplan buildplan merged commit 081af04 into buildplan:main Nov 19, 2025
4 checks passed