ci: re-enable firewalld jobs

Commit 4e567e16 added firewalld to the test matrix for various CI jobs
(namely unit, integration and integration-cli).

Commit 2807c0c2 reverted that commit as it was putting too much load on
GHA cache, and thus it was returning 429 more frequently, so builds had
a greater chance of spending time building everything from scratch. This
was slowing down our CI even more than what it was before.

This new commit re-adds firewalld to the test matrix of unit,
integration and integration-cli jobs. Unlike 4e567e16, not all
combinations of OS, storage and 'mode' will be tested. Instead,
firewalld jobs will run only on ubuntu-22.04, and with the containerd
snapshotter.

Also, the revert commit mistakenly reverted a fix that was originally
intended for commit 8883db20, but was actually 'fixed up' in the wrong
commit. Let's re-revert that too.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>

hack/dind-systemd

@@ -59,7 +59,7 @@ fi
 # Allow connections coming from the host (through eth0). This is needed to
 # access the daemon port (independently of which port is used), or run a
 # 'remote' Delve session, etc...
-if [ ${DOCKER_FIREWALLD:-} = "true" ]; then
+if [ "${DOCKER_FIREWALLD:-}" = "true" ]; then
 	cat > /etc/firewalld/zones/trusted.xml << EOF
 <?xml version="1.0" encoding="utf-8"?>
 <zone target="ACCEPT">
@@ -76,7 +76,7 @@ env > /etc/docker-entrypoint-env
 cat > /etc/systemd/system/docker-entrypoint.target << EOF
 [Unit]
 Description=the target for docker-entrypoint.service
-Requires=docker-entrypoint.service systemd-logind.service systemd-user-sessions.service $([ ${DOCKER_FIREWALLD:-} = "true" ] && echo firewalld.service)
+Requires=docker-entrypoint.service systemd-logind.service systemd-user-sessions.service $([ "${DOCKER_FIREWALLD:-}" = "true" ] && echo firewalld.service)
 EOF
 
 quoted_args="$(printf " %q" "${@}")"