...

git --versions

python3 --version

ansible --version

If any of the above raises an error, or the version is older than recommended, install/update via your package manager of preference. You can also follow thee official Ansible documentation for OS-specific installation steps.

Step-by-Step Deployment

1. Download the Item

Find the Item's detail page on the EWC Community Hub Dashboard by visiting https://europeanweather.cloud/community-hub/ssh-bastion-flavour. Once on the detailed page, pay attention to the following:

...

---
ewcloud:
  hosts:
    ssh_bastion:
      ansible_python_interpreter: /usr/bin/python3
      ansible_host: 135.196.111.255 # PUBLIC IP OF TARGET HOST
      ansible_ssh_private_key_file: ~/.ssh/id_rsa # PATH TO PRIVATE KEY IN LOCALHOST
      ansible_user: cloud-user
      ansible_ssh_common_args: -o StrictHostKeyChecking=accept-new

4. Run the Playbook

...

You'll be prompted for user input, to whitelist any IP addresses from being affected by Fail2ban security measurements.
Upon successful completion, you will see an execution summary with zero failed tasks on your localhost or the target host (e.g. referred to as ssh_bastion in this example):

...

As is the case for other Items open-sourced by the EWC, you can change the inputs of the SSH Bastion Flavour at any point in time, by simply re-running with the new values.
Imagine for example that you decide later on to apply Fail2Ban on all IP addresses, regardless of whether they are internal or not. To achieve this, simply run:

...

Checkout the troubleshooting documentation of the Item for information on common problems and how to troubleshoot them.
For unresolved issues, check the GitHub issues for a similar problem, ask the community on the peer support channel of the EWC discussion platform. You may also place a tickets at EWC Support Portal when dealing with EWC open-sourced Items.

...