Add firewalld_enabled toggle

roles/configuration/tasks/services.yml

@@ -2,6 +2,7 @@
 - name: Enable Systemd Services
   ansible.builtin.command: >
     arch-chroot /mnt systemctl enable NetworkManager
+    {{ ' firewalld' if firewalld_enabled | bool else '' }}
     {{
       ' ssh' if os | lower in ['ubuntu', 'ubuntu-lts'] else
       (' sshd' if os | lower not in ['debian11', 'debian12', 'debian13'] else '')
@@ -12,3 +13,10 @@
     }}
   register: configuration_enable_services_result
   changed_when: configuration_enable_services_result.rc == 0
+
+- name: Disable firewalld when disabled
+  when: not firewalld_enabled | bool
+  ansible.builtin.command: arch-chroot /mnt systemctl disable --now firewalld
+  register: configuration_disable_firewalld_result
+  changed_when: configuration_disable_firewalld_result.rc == 0
+  failed_when: false