Add fail2ban protection against brute force

[lapineige]

As this app expose a public login form, it should be protected against password brute force with fail2ban.

The account is not yet linked to the SSO / yunohost account, so it might not be a big security issue for the rest of the instance… yet it would be better to add that protection.

PS: I write that here as a reminder, I guess you have other priorities right now ;) (and maybe someone will use that issue to get involved with a quick contribution :)