fail2ban: remove redundant fail2ban_jails overrides

group_vars/all was enabling just the sshd jail so move this into the
fail2ban role defaults. patchwork, security and wiki were redefining
fail2ban_jails without deviating from the group_vars/all default and
can therefore be dropped.

group_vars/all/common.yml

@@ -11,9 +11,3 @@ maintenance_remote_machine: "{{ hostvars[inventory_hostname]['ansible_env'].SSH_
 # prometheus-node-exporter port
 prometheus_exporter_port: '9100'
 prometheus_memcached_exporter_port: '9150'
-
-fail2ban_jails:
-  sshd: true
-  postfix: false
-  dovecot: false
-  nginx_limit_req: false

host_vars/patchwork.archlinux.org/misc

@@ -2,12 +2,5 @@ filesystem: btrfs
 memcached_socket: "/run/memcached/patchwork.sock"
 fetchmail_user: "patchwork@archlinux.org"
 fetchmail_delivery_cmd: "/usr/local/bin/patchwork-parsemail-wrapper.sh"
-
-fail2ban_jails:
-  sshd: true
-  postfix: false
-  dovecot: false
-  nginx_limit_req: false
-
 wireguard_address: 10.0.0.23
 wireguard_public_key: DVeDuKQKf4FzfgS8hp3iZj1tD7gi3SJm8GqDfA+XZn4=

host_vars/security.archlinux.org/misc

 filesystem: btrfs
-
-fail2ban_jails:
-  sshd: true
-  postfix: false
-  dovecot: false
-  nginx_limit_req: false
 wireguard_address: 10.0.0.24
 wireguard_public_key: CENgItOHJI/lLUNcUNpC+1oZJBvX/G+nemAKZYfCSCw=

host_vars/wiki.archlinux.org/misc

 filesystem: btrfs
 memcached_socket: "/run/memcached/archwiki.sock"
-
-fail2ban_jails:
-  sshd: true
-  postfix: false
-  dovecot: false
-  nginx_limit_req: false
 wireguard_address: 10.0.0.22
 wireguard_public_key: bZeNWMLtyNDaFR7jjWr06nNZt/vV/OKNleV7XZZs+lc=

roles/fail2ban/defaults/main.yml

-# by default all jails are disabled
-# override this variable in a host/group file to define which jails to enable
+# by default only the sshd jail is enabled
+# override this variable in a host/group file to enable additional jails
 fail2ban_jails:
-  sshd: false
+  sshd: true
   postfix: false
   dovecot: false
   nginx_limit_req: false