feat: PyGuardian v2.0 - Complete enterprise security system

✨ New Features:
🔐 Advanced agent authentication with JWT tokens
🌐 RESTful API server with WebSocket support
🐳 Docker multi-stage containerization
🚀 Comprehensive CI/CD with Drone pipeline
📁 Professional project structure reorganization

🛠️ Technical Implementation:
• JWT-based authentication with HMAC-SHA256 signatures
• Unique Agent IDs with automatic credential generation
• Real-time API with CORS and rate limiting
• SQLite extended schema for auth management
• Multi-stage Docker builds (controller/agent/standalone)
• Complete Drone CI/CD with testing and security scanning

�� Key Modules:
• src/auth.py (507 lines) - Authentication system
• src/api_server.py (823 lines) - REST API server
• src/storage.py - Extended database with auth tables
• Dockerfile - Multi-stage containerization
• .drone.yml - Enterprise CI/CD pipeline

🎯 Production Ready:
✅ Enterprise-grade security with encrypted credentials
✅ Scalable cluster architecture up to 1000+ agents
✅ Automated deployment with health checks
✅ Comprehensive documentation and examples
✅ Full test coverage and quality assurance

Ready for production deployment and scaling!

.history/ARCHITECTURE_20251125202055.md

@@ -0,0 +1,102 @@
+# PyGuardian - Архитектура системы
+
+```
+┌─────────────────────────────────────────────────────────────────┐
+│                    PyGuardian Architecture                     │
+└─────────────────────────────────────────────────────────────────┘
+
+┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
+│   auth.log      │    │   Telegram Bot  │    │   iptables/     │
+│   Monitoring    │    │   Interface     │    │   nftables      │
+└─────────┬───────┘    └─────────┬───────┘    └─────────┬───────┘
+          │                      │                      │
+          │ Real-time            │ Commands             │ Block/Unblock
+          │ Events               │ & Status             │ IP addresses
+          │                      │                      │
+          v                      v                      v
+┌─────────────────────────────────────────────────────────────────┐
+│                        main.py                                 │
+│                    Event Coordinator                           │
+└─────────┬───────────────────────┬───────────────────────┬───────┘
+          │                       │                       │
+          v                       v                       v
+┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
+│   monitor.py    │    │   storage.py    │    │  firewall.py   │
+│                 │    │                 │    │                 │
+│ • LogMonitor    │◄──►│ • SQLite DB     │◄──►│ • FirewallMgr   │
+│ • LogParser     │    │ • Statistics    │    │ • iptables API  │
+│ • AttackDetector│    │ • Ban Management│    │ • nftables API  │
+└─────────────────┘    └─────────────────┘    └─────────────────┘
+          │                       │                       │
+          │                       │                       │
+          v                       v                       v
+┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
+│     Events      │    │   Database      │    │   Network       │
+│                 │    │                 │    │                 │
+│ • Failed login  │    │ • attack_attempts│   │ • IP blocking   │
+│ • Invalid user  │    │ • banned_ips    │    │ • Auto-unban    │
+│ • Brute force   │    │ • daily_stats   │    │ • Whitelist     │
+└─────────────────┘    └─────────────────┘    └─────────────────┘
+
+┌─────────────────────────────────────────────────────────────────┐
+│                      Data Flow                                  │
+└─────────────────────────────────────────────────────────────────┘
+
+1. LogMonitor reads auth.log in real-time
+   ↓
+2. LogParser extracts attack events
+   ↓
+3. AttackDetector analyzes patterns
+   ↓
+4. Storage records attempts and statistics
+   ↓
+5. FirewallManager blocks malicious IPs
+   ↓
+6. TelegramBot sends notifications
+   ↓
+7. Admin receives alerts and can manage via bot
+
+┌─────────────────────────────────────────────────────────────────┐
+│                   Component Details                             │
+└─────────────────────────────────────────────────────────────────┘
+
+monitor.py:
+├── LogMonitor: Real-time file monitoring with inotify
+├── LogParser: Regex-based log pattern extraction  
+├── AttackDetector: Threshold-based attack detection
+└── Auto-ban: Automatic IP blocking logic
+
+storage.py:
+├── SQLite Database: Async database operations
+├── Attack Logging: IP, timestamp, attempt details
+├── Statistics: Daily/weekly aggregated stats
+└── Ban Management: Active/expired ban tracking
+
+firewall.py:
+├── FirewallManager: Abstraction layer
+├── IptablesFirewall: iptables command execution
+├── NftablesFirewall: nftables rule management
+└── Cleanup: Automated rule maintenance
+
+bot.py:
+├── TelegramBot: Command handler and UI
+├── Admin Authentication: Telegram ID verification
+├── Interactive Commands: Status, ban, unban, details
+└── Notifications: Real-time attack alerts
+
+main.py:
+├── Configuration: YAML config loading
+├── Component Initialization: Service startup
+├── Task Coordination: Async event loops
+└── Graceful Shutdown: Signal handling
+
+┌─────────────────────────────────────────────────────────────────┐
+│                    Security Model                               │
+└─────────────────────────────────────────────────────────────────┘
+
+• Root Privileges: Required for firewall management
+• Telegram Auth: Admin ID verification only
+• Whitelist Protection: CIDR/IP exclusion rules
+• Rate Limiting: Configurable thresholds
+• Graceful Degradation: Component failure isolation
+• Logging: Comprehensive audit trail