Added role fail2ban/application

roles/fail2ban/application/defaults/main.yml

@@ -0,0 +1,6 @@
+---
+
+config_dir: "/etc/fail2ban"
+actions_directory: "{{ config_dir }}/action.d"
+filters_directory: "{{ config_dir }}/filter.d"
+jails_directory: "{{ config_dir }}/jail.d"

roles/fail2ban/application/handlers/main.yml

@@ -0,0 +1,13 @@
+---
+
+- name: reload fail2ban
+  systemd:
+    enabled: yes
+    name: fail2ban.service
+    state: reloaded
+
+- name: restart fail2ban
+  systemd:
+    enabled: yes
+    name: fail2ban.service
+    state: restarted

roles/fail2ban/application/meta/main.yml

@@ -0,0 +1,3 @@
+---
+
+allow_duplicates: no

roles/fail2ban/application/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+
+- name: Install required packages
+  apt:
+    state: present
+    name:
+      - fail2ban # base package
+      # Recommended for fail2ban:
+      - iptables # blocking using native firewall
+      - python3-pyinotify # watch files natively
+      - python3-systemd # view journals of systemd
+    install_recommends: no
+
+- name: Configure sshd jail
+  template:
+    src: sshd.jail.conf
+    dest: "{{ jails_directory }}/sshd.local"
+  notify: reload fail2ban

roles/fail2ban/application/templates/sshd.jail.conf

@@ -0,0 +1,2 @@
+[sshd]
+enabled = true