Added bootstrap role with the tasks, defaults and handlers necessary for the playbooks

roles/bootstrap/files/fail2ban/ftp.local

@@ -0,0 +1,11 @@
+[proftpd]
+enabled = true
+allowipv6 = true
+banaction = iptables-multiport
+findtime = 1200
+maxretry  = 3
+bantime = 1h
+bantime.increment = true
+bantime.factor = 24
+bantime.maxtime = 5w
+ignoreip = 127.0.0.1/8

roles/bootstrap/files/fail2ban/override.conf

@@ -0,0 +1,11 @@
+[Service]
+PrivateDevices=yes
+PrivateTmp=yes
+ProtectHome=read-only
+ProtectSystem=strict
+ReadWritePaths=-/var/run/fail2ban
+ReadWritePaths=-/var/lib/fail2ban
+ReadWritePaths=-/var/log/fail2ban.log
+ReadWritePaths=-/var/spool/postfix/maildrop
+ReadWritePaths=-/run/xtables.lock
+CapabilityBoundingSet=CAP_AUDIT_READ CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW

roles/bootstrap/files/fail2ban/sshd.local

@@ -0,0 +1,9 @@
+[sshd]
+enabled = true
+filter = sshd
+banaction = iptables
+findtime = 1d
+allowipv6 = true
+maxretry = 4
+bantime = 1w
+ignoreip = 127.0.0.1/8