Add ipt-server role with firewall configuration and management

- Created handlers for reloading systemd and restarting firewall services.
- Implemented tasks to ensure the existence of configuration directories and files.
- Deployed host-specific and shared configuration files using templates.
- Added scripts for managing IPv4 and IPv6 firewalls.
- Configured systemd service units for ipt-firewall and ip6t-firewall.
- Enabled and started firewall services on system boot.

host_vars/test.mx.oopen.de/ipt_firewall.yml

@@ -0,0 +1,47 @@
+---
+# ipt-firewall configuration for test.mx.oopen.de
+# Generated by extract-fw-host-vars.py - review before committing!
+
+fw_manage_config: true
+
+# --- Network
+fw_ext_interfaces:
+  - "eth0"
+  - "eth1"
+fw_ext_ips_v4:
+  - "83.223.85.205"
+  - "83.223.85.206"
+fw_ext_ips_v6:
+  - "2a01:30:0:505:2eb:f4ff:feaa:d996 2a01:30:0:13:2eb:f4ff:feaa:d996"
+  - "2a01:30:0:505:2eb:f4ff:feaa:d997 2a01:30:0:13:2eb:f4ff:feaa:d997"
+
+# --- Munin
+munin_remote_ipv4: 37.27.121.227
+munin_remote_ipv6: "2a01:4f9:3070:2bda::227"
+
+# --- HTTP
+fw_http_server_ips: $ext_1_ip $ext_2_ip
+
+# --- Mail
+fw_smtpd_ips: $ext_1_ip
+fw_mail_server_ips: $ext_1_ip
+fw_mail_client_ips: $ext_1_ip $ext_2_ip
+fw_dovecot_auth_service: true
+fw_dovecot_auth_allowed_networks_v4: 192.68.11.79
+
+# --- Mumble
+fw_mumble_server_ips: 138.201.33.54
+
+# --- Jitsi
+fw_jitsi_tcp_ports: $standard_jitsi_tcp_ports
+fw_jitsi_udp_port_range: $standard_jitsi_udp_port_range
+
+# --- Rsync
+fw_rsync_out_ips: $ext_1_ip
+
+# --- Block
+fw_blocked_ips: 222.184.0.0/13 61.160.0.0/16 116.8.0.0/14
+
+# --- Other
+fw_jitsi_tcp_ports_out: "$standard_turn_service_ports,4443,4444,4445,4446"
+fw_jitsi_udp_ports_out: "$standard_http_ports,$standard_turn_service_ports,4443,4444,4445,4446"