Initial working commit

ansible/roles/common/files/fail2ban/jails/nginx.local

@@ -0,0 +1,20 @@
+[nginx-limit-req]
+enabled = true
+port = http,https
+findtime = 600
+bantime = 1w
+maxretry = 8
+
+[nginx-http-auth]
+enabled = true
+port = http,https
+logpath = %(nginx_error_log)s
+bantime = 2w
+maxretry = 5
+
+[nginx-botsearch]
+enabled = true
+port = http,https
+logpath = %(nginx_error_log)s
+bantime = 1w
+maxretry = 5

ansible/roles/common/files/fail2ban/jails/sshd.local

@@ -0,0 +1,10 @@
+[sshd]
+enabled   = true
+filter    = sshd
+banaction = iptables
+backend   = systemd
+maxretry  = 5
+findtime  = 1d
+bantime   = 2w
+ignoreip  = 127.0.0.1/8 192.168.1.0/24
+logpath   = %(sshd_log)s