moves nomad files into correct dir. fixes fail2ban config

ansible/redbrick-ansible.yml

@@ -4,5 +4,6 @@
   hosts: all
   gather_facts: true
   roles:
-    - { role: apt } # update all packages, equivalent to `apt update && apt upgrade`
+    # - { role: apt } # update all packages, equivalent to `apt update && apt upgrade`
-    - { role: ssh } # add users defined in roles/defaults/main.yml
+    # - { role: ssh } # add users defined in roles/defaults/main.yml
+    # - { role: fail2ban } # add and configure fail2ban with jail file located in `templates/fail2ban.jail`

ansible/roles/fail2ban/tasks/main.yml

@@ -0,0 +1,19 @@
+---
+- name: Install fail2ban from apt
+  become: true
+  ansible.builtin.apt:
+    name: fail2ban
+    state: latest
+
+- name: Copy configuraion to host
+  become: true
+  ansible.builtin.copy:
+    src: templates/fail2ban.jail
+    dest: /etc/fail2ban/jail.local
+    force: true
+
+- name: Restart fail2ban to apply config
+  become: true
+  ansible.builtin.service:
+    name: fail2ban
+    state: restarted

ansible/templates/fail2ban.jail

@@ -0,0 +1,17 @@
+[sshd]
+enabled = true
+port = ssh
+filter = sshd
+
+# the length of time between login attempts for maxretry.
+findtime = 600
+
+# attempts from a single ip before a ban is imposed.
+maxretry = 8
+
+# the number of seconds that a host is banned for.
+bantime = 3600
+
+bantime.increment = true
+bantime.factor = 1
+bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor