add sftpgo fail2ban snippet

fail2ban/filter.d/sftpgo.conf

@@ -0,0 +1,15 @@
+[INCLUDES]
+before = common.conf
+
+[DEFAULT]
+_daemon = sftpgo
+
+[Definition]
+
+# By default, first authenticate method is public_key and must be excluded from the filter to avoid false positives failed attemps 
+failregex = ^.*"sender":"connection_failed","client_ip":"<HOST>","username":".*","login_type":"password".*"}$
+
+ignoreregex =
+
+[Init]
+journalmatch = _SYSTEMD_UNIT=sftpgo.service + _COMM=sftpgo

fail2ban/jail.d/sftpgo.conf

@@ -0,0 +1,10 @@
+[sftpgo]
+enabled = true
+port = 2022
+filter = sftpgo
+action = iptables-allports[name=sftpgo]
+logpath = 
+backend = systemd
+maxretry = 5
+bantime = 600
+findtime = 86400