Improve the firewall config and code of the new test email server for Jenkins Agents

Firewall improvements:

• Cleanup unused firewall config in Jenkins Agents
• Force Jenkins Agents to connect directly to the VM's IP:
  • Export rules so isoworkers-mail.tails.net accepts from Jenkins Agents in mail and http(s) ports.
  • Map isoworkers-mail.tails.net to 192.168.126.20 in Jenkins Agents
  • Remove the tirewall::public_service entries for mail (leave port 80)
  • Remove custom firewall rules added to Iguana.

Code improvements:

• Move the client email password config to hieradata/role/isoworker.eyaml
• Move the Nginx config from node definition to a profile.
• Move the Libvirt hosts firewall config to exported resources in the same profile as above.
• Refactor tails::tester::support::email* to a profile (same as above, probably). → Deferred to #16958

Missing bits:

• Test suite: allow Thunderbird to connect to tes... (tails!1268 - merged)
• Apply improvements to the firewall config once again.
• Check that Thunderbird tests keep working.