commit 6abfb80b681482c2a252645c557a6cc1ce48b736
Author: Steve Dogiakos
Date: Fri Mar 21 14:08:02 2025 -0600
Initial commit
diff --git a/ansiblehosts.yaml b/ansiblehosts.yaml
new file mode 100644
index 0000000..ad711f6
--- /dev/null
+++ b/ansiblehosts.yaml
@@ -0,0 +1,5 @@
+[webservers]
+192.168.1.219 ansible_user=steve ansible_ssh_private_key_file=/home/steve/.ssh/id_ed25519 ansible_become=true
+192.168.1.43 ansible_user=steve ansible_ssh_private_key_file=/home/steve/.ssh/id_ed25519 ansible_become=true
+192.168.1.51 ansible_user=steve ansible_ssh_private_key_file=/home/steve/.ssh/id_ed25519 ansible_become=true
+
diff --git a/fail2ban-setup.yaml b/fail2ban-setup.yaml
new file mode 100644
index 0000000..40ba26b
--- /dev/null
+++ b/fail2ban-setup.yaml
@@ -0,0 +1,41 @@
+- name: Install and configure Fail2Ban on all servers
+ hosts: all
+ become: true
+ vars:
+ # Customize as needed
+ bantime: 3600 # 1 hour ban time
+ findtime: 600 # 10 min window
+ maxretry: 5
+ tasks:
+ - name: Install Fail2Ban
+ apt:
+ name: fail2ban
+ state: present
+ update_cache: yes
+
+ - name: Ensure Fail2Ban service is enabled and running
+ service:
+ name: fail2ban
+ state: started
+ enabled: true
+
+ - name: Create custom jail.local config
+ copy:
+ dest: /etc/fail2ban/jail.local
+ content: |
+ [DEFAULT]
+ bantime = {{ bantime }}
+ findtime = {{ findtime }}
+ maxretry = {{ maxretry }}
+
+ [sshd]
+ enabled = true
+ owner: root
+ group: root
+ mode: '0644'
+
+ - name: Restart Fail2Ban to apply config
+ service:
+ name: fail2ban
+ state: restarted
+
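Review bot: This inventory is written in INI syntax but saved as `ansiblehosts.yaml`, so it presumably loads only because Ansible falls back to the INI parser after the YAML one rejects it; renaming it to something like `hosts.ini`, or converting it to YAML, makes the format explicit. The three host lines repeat the same user, key path and `ansible_become=true`; a `[webservers:vars]` section would state them once, and privilege escalation is already requested by `become: true` in the playbook. The key path `/home/steve/.ssh/id_ed25519` ties the committed inventory to one workstation account, so it may be cleaner to leave key selection to the SSH client configuration or agent and keep only host addresses here.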
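Review bot: The last task, `Restart Fail2Ban to apply config`, runs unconditionally, so every play reports a change and restarts the service even when `jail.local` is untouched; it should become a handler that the copy task notifies, as sketched below. Separately, the `[sshd]` jail relies on fail2ban's default log backend; on apt-based releases where sshd logs only to the journal the jail may not see failures unless `backend = systemd` is set, which is worth confirming on the targets with `fail2ban-client status sshd` after a run. `update_cache: yes` would also read more consistently as `true`, matching `enabled: true` elsewhere in the file.

```yaml
    - name: Create custom jail.local config
      copy:
        # … unchanged: dest, content, owner, group, mode …
      notify: Restart Fail2Ban

  handlers:
    - name: Restart Fail2Ban
      service:
        name: fail2ban
        state: restarted
```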