feat(security): added nftables firewall

inventory/host_vars/unobtainium/vars.yml

@@ -21,3 +21,14 @@ custom_common:
     force_sign: true
     signing_key: "{{ vault_common_gitconfig_signingkey }}"
   install_fonts: true
+
+custom_security:
+  firewall:
+    filter:
+      policy:
+        output: accept
+        forward: accept
+    mangle:
+      drop_privatenets: false
+      policy:
+        forward: accept