Refactor: Organize Ansible project structure

- Reorganized Ansible project structure to follow best practices.
- Created dedicated directories: , , , , and .
- Categorized playbooks into  (host-specific) and  (service-specific).
- Moved all roles into the  directory and standardized their naming conventions.
- Relocated  to  for better variable management.
- Renamed  to  to reflect its global variable scope.
- Created  to correctly set the  to the new  directory.
- Moved  and  into the  directory.
- Added  to  providing explanations for common commands.
- Cleaned up  directories from all individual roles to centralize version control.

roles/security/templates/10periodic.j2

@@ -0,0 +1,4 @@
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::AutocleanInterval "7";
+APT::Periodic::Unattended-Upgrade "1";

roles/security/templates/50unattended-upgrades.j2

@@ -0,0 +1,20 @@
+Unattended-Upgrade::Automatic-Reboot "{{ security_autoupdate_reboot }}";
+Unattended-Upgrade::Automatic-Reboot-Time "{{ security_autoupdate_reboot_time }}";
+
+{% if security_autoupdate_mail_to %}
+Unattended-Upgrade::Mail "{{ security_autoupdate_mail_to }}";
+{% if security_autoupdate_mail_on_error %}
+Unattended-Upgrade::MailOnlyOnError "true";
+{% endif %}
+{% endif %}
+
+Unattended-Upgrade::Allowed-Origins {
+        "${distro_id} ${distro_codename}-security";
+//      "${distro_id} ${distro_codename}-updates";
+};
+
+Unattended-Upgrade::Package-Blacklist{
+{% for package in security_autoupdate_blacklist %}
+      "{{package}}";
+{% endfor %}
+}

roles/security/templates/jail.local.j2

@@ -0,0 +1,5 @@
+[sshd]
+enabled = true
+port    = {{ security_ssh_port }}
+filter  = sshd
+backend = systemd