changeset 430:79e5fed321fa
Break up SSH bad users regexes
The list had got so long that it was failing to compile!
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sun, 11 Dec 2022 20:27:08 +0000 |
parents | fa3093f2dc8e |
children | c84f5efa999e |
files | modules/fail2ban/manifests/init.pp modules/fail2ban/templates/ibb-sshd-bad-user.epp |
diffstat | 2 files changed, 9 insertions(+), 1 deletions(-) |
--- a/modules/fail2ban/manifests/init.pp Sun Dec 11 19:03:22 2022 +0000 +++ b/modules/fail2ban/manifests/init.pp Sun Dec 11 20:27:08 2022 +0000 @@ -109,6 +109,7 @@ } $bad_users = [ + [ '[^0-9a-zA-Z]+', '\.?[0-9]+\.?', '[0-9a-zA-Z]{1,3}', @@ -250,6 +251,7 @@ 'firefox', 'ftp(admin)?', 'fuser', + ],[ 'games', 'gdm', 'geometry', @@ -318,6 +320,7 @@ 'logview(er)?', 'lsfadmin', 'lynx', + ],[ 'magento', 'mail', 'mailer', @@ -435,6 +438,7 @@ 'rpm', 'RPM', 'rtorrent', + ],[ 'rustserver', 'sales[0-9]+', 'samp', @@ -551,6 +555,7 @@ 'zabbix', 'zimbra', 'zookeeper', + ],[ # User/admin/other '(bwair|api|appl?|ats|cam|cat|db|dev|file|imap|is|my|net|site|tech|virtual|vnc|vpn)?(admins?|app|dev|use?r|server|man|manager|mgr)[0-9]*', '(abc|account|git|info|redhat|samba|sshd|student|teacher|tomcat|ubuntu|web)[0-9]*', @@ -568,6 +573,7 @@ 'password', 'pass123?4?', 'qwer?[0-9]+', + ] ] file { '/etc/fail2ban/filter.d/ibb-sshd-bad-user.conf':
--- a/modules/fail2ban/templates/ibb-sshd-bad-user.epp Sun Dec 11 19:03:22 2022 +0000 +++ b/modules/fail2ban/templates/ibb-sshd-bad-user.epp Sun Dec 11 20:27:08 2022 +0000 @@ -11,7 +11,9 @@ # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) # Values: TEXT # -failregex = Failed password for invalid user (<%= join($bad_users, '|') %>)? from <HOST> port [0-9]+ ssh2 +failregex = <% $bad_users.each |$array| { %> Failed password for invalid user (<%= join($array, '|') %>)? from <HOST> port [0-9]+ ssh2 +<% } %> + # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored.
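Review bot: in modules/fail2ban/manifests/init.pp the group boundaries are placed by hand (`],[` after 'fuser', 'lynx', 'rtorrent' and 'zookeeper'), so further additions to any one group can bring back the compile failure the commit message describes. Consider keeping `$bad_users` as a flat list and chunking it in the template with `$bad_users.slice(N)`, or at least add a comment above `$bad_users = [` saying why the list is nested and how large a group may grow. The variable also changes shape from a list of strings to a list of lists, so any other consumer that still calls `join($bad_users, '|')` on it needs checking.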
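Review bot: in modules/fail2ban/templates/ibb-sshd-bad-user.epp the literal space after `{ %>` is what indents every generated pattern after the first so that it reads as a continuation line of `failregex =`, and nothing in the template says so. A `<%# ... %>` comment next to the loop would stop a later whitespace tidy-up (for example switching to `-%>`) from silently breaking the filter. Separately, the group is still optional (`(...)?`) in every generated line, so each of the five patterns also matches an empty user name; if that case is wanted it can be emitted once outside the loop, and if not the `?` can go.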