[__jitsi_meet] Improve manpage regarding ufw and SSH

This documents the fact that this type does not make decisions about anything
other than Jitsi-Meet itself and therefore care should be taken with the SSH
port.

Related to:	ungleich-public/cdist-contrib#23
Reported by:	@pedro

type/__jitsi_meet/man.rst

@@ -21,10 +21,10 @@ You will also need the `__jitsi_meet_domain` type in order to finish setting up
 the web frontend (including TLS certificates) and its settings.
 
 You may want to use the `files/ufw` example manifest for a `__ufw`-based
-firewall compatible with this type.
+firewall compatible with this type that allows all ports needed by Jitsi-Meet.
-This file does not include rules for TCP port 9888, which exposes the
+Note however that this will not deal with rules for SSH or for TCP port 9888,
-prometheus exporter if not disabled.
+which exposes the prometheus exporter if not disabled.
-You should apply your own rules here.
+Remember to apply your own rules here, particularly regarding SSH.
 
 This type only works on De{bi,vu}an systems.
 
@@ -76,9 +76,11 @@ EXAMPLES
 
 .. code-block:: sh
 
-    # Setup the firewall
+    # Setup the firewall for Jitsi-Meet
     . "${__global}/type/__jitsi_meet/files/ufw"
     export require="__ufw"
+    # Setup firewall SSH rules as necessary
+    __ufw_rule ssh --rule 'allow 22/tcp from 10.0.0.0/24'
     # Setup Jitsi on this host
     __jitsi_meet \
       --turn-server "turn.exo.cat" \