psm-server-provisioning/roles/security/tasks/main.yml

- name: Install FirewallD and Fail2Ban
  apt:
          name: firewalld, fail2ban
          state: present

- name: Copy FirewallD public.conf
  notify: Restart FirewallD
  template:
          src: firewalld-public.conf
          dest: /etc/firewalld/zones/public.xml
          owner: root
          group: root
          mode: u=rw,g=r,o=r

- name: Copy Fail2Ban conf
  notify: Restart Fail2Ban
  copy:
          src: fail2ban.conf
          dest: /etc/fail2ban/jail.d/server.conf
          owner: root
          group: root
          mode: u=rw,g=r,o=r

- name: Copy SSHD conf
  notify: Restart SSHD
  copy:
          src: sshd.conf
          dest: /etc/ssh/sshd_config.d/10-security.conf
          owner: root
          group: root
          mode: u=rw,g=r,o=r
security additions 3 years ago			`- name: Install FirewallD and Fail2Ban`
			`apt:`
			`name: firewalld, fail2ban`
			`state: present`

			`- name: Copy FirewallD public.conf`
			`notify: Restart FirewallD`
			`template:`
			`src: firewalld-public.conf`
			`dest: /etc/firewalld/zones/public.xml`
			`owner: root`
			`group: root`
			`mode: u=rw,g=r,o=r`

			`- name: Copy Fail2Ban conf`
			`notify: Restart Fail2Ban`
			`copy:`
			`src: fail2ban.conf`
			`dest: /etc/fail2ban/jail.d/server.conf`
			`owner: root`
			`group: root`
			`mode: u=rw,g=r,o=r`

			`- name: Copy SSHD conf`
			`notify: Restart SSHD`
			`copy:`
			`src: sshd.conf`
			`dest: /etc/ssh/sshd_config.d/10-security.conf`
			`owner: root`
			`group: root`
			`mode: u=rw,g=r,o=r`