diff --git a/README.md b/README.md
index c30124f8b5e2a8b17dc79f0066267e19ae2bff0d..de1bf1eed46aee847bb091aafe8ef16fd2eb58a8 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,3 @@
 # ansible_role-template
+
+Install & configure fail2ban.
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..2d1b136271cbe3f2b90dd2a26fe7276fdb209038
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,5 @@
+fail2ban_fail2ban_local: |
+  loglevel = INFO
+
+fail2ban_jail_local: |
+  bantime.rndtime = 300
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..2fc0251be28c843497b36a67d292e84031564bea
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,7 @@
+- name: Restart fail2ban service
+  ansible.builtin.systemd:
+    state: restarted
+    enabled: yes
+    masked: no
+    daemon_reload: yes
+    name: fail2ban.service
diff --git a/meta/main.yml b/meta/main.yml
index 769c19ed7436b801636eb1eca91e696de8ba03de..9b974a49d5d79b3751c1cc1b8f6752f97913e78a 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,9 +1,9 @@
 collections: []
 dependencies: []
 galaxy_info:
-  author: template
-  description: template
+  author: Dmitriy Safronov
+  description: Install & configure fail2ban.
   license: Apache-2.0
   min_ansible_version: "2.16"
-  namespace: template
-  role_name: template
+  namespace: dmitriysafronov
+  role_name: fail2ban
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..e682b082e9e616f3aea7dd0554e98a1dde0e105b
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,25 @@
+- name: Install packages
+  ansible.builtin.package:
+    name: fail2ban
+    state: present
+  notify: Restart fail2ban service
+
+- name: Template a file to /etc/fail2ban/fail2ban.local
+  ansible.builtin.template:
+    src: fail2ban.local.j2
+    dest: /etc/fail2ban/fail2ban.local
+    owner: root
+    group: root
+    mode: "0644"
+  when: fail2ban_fail2ban_local is defined
+  notify: Restart fail2ban service
+
+- name: Template a file to /etc/fail2ban/jail.local
+  ansible.builtin.template:
+    src: jail.local.j2
+    dest: /etc/fail2ban/jail.local
+    owner: root
+    group: root
+    mode: "0644"
+  when: fail2ban_jail_local is defined
+  notify: Restart fail2ban service
diff --git a/templates/fail2ban.local.j2 b/templates/fail2ban.local.j2
new file mode 100644
index 0000000000000000000000000000000000000000..cc765d4d752b8803f858f3e2c61c2b59a80949c4
--- /dev/null
+++ b/templates/fail2ban.local.j2
@@ -0,0 +1,6 @@
+{{ ansible_managed | comment }}
+
+[DEFAULT]
+logtarget = SYSLOG
+
+{{ fail2ban_fail2ban_local | default('') }}
diff --git a/templates/jail.local.j2 b/templates/jail.local.j2
new file mode 100644
index 0000000000000000000000000000000000000000..b8e3760a8ef9731bcbe2ebfb60a844aa0c8eabec
--- /dev/null
+++ b/templates/jail.local.j2
@@ -0,0 +1,6 @@
+{{ ansible_managed | comment }}
+
+[DEFAULT]
+backend = systemd
+
+{{ fail2ban_jail_local | default('') }}