Separate fail2ban from ssh_proxy_config role

Initially, the fail2ban configuration was included in the ssh_proxy_config role assuming that only ssh-proxy would be using it. However, we decided it could also be used for other nodes like http-proxy, which warrants a separate role for fail2ban.