add filters and jails

fail2ban/filter.d/authelia-auth.conf

@@ -0,0 +1,13 @@
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+failregex = ^.*Unsuccessful (1FA|TOTP|Duo|U2F) authentication attempt by user .*remote_ip="?<HOST>"? stack.*
+            (?i)^.*access to .*is not authorized.*remote_ip=<HOST>
+            ^.* is banned until .*remote_ip=<HOST> stack.*
+
+ignoreregex = ^.*level=debug.*
+              ^.*level=info.*
+              ^.*level=warning.*

fail2ban/filter.d/gitea-auth.conf

@@ -0,0 +1,7 @@
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+failregex =  .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>

fail2ban/filter.d/nextcloud-auth.conf

@@ -0,0 +1,7 @@
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+failregex=^{"reqId":".*","remoteAddr":"<HOST>".*message":"Login failed: .*}$