common: Hardened mount options

[JGoutin]

Bind mount common directories to add hardened mount options (like nodev, nosuid, noexec).

This may also be added to other roles where there is some data directory with possible un-trusted content (Like Nextcloud data or Squid cache directories)

REF:

• https://madaidans-insecurities.github.io/guides/linux-hardening.html#partitioning
• https://github.com/dev-sec/ansible-collection-hardening/blob/master/roles/os_hardening/tasks/minimize_access.yml
• https://github.com/dev-sec/ansible-collection-hardening/blob/master/roles/os_hardening/tasks/minimize_access_fs.yml