feat: Add nginx-proxy role for nginx and certbot

roles/nginx-proxy/templates/nginx-vhost.conf.j2

@@ -0,0 +1,34 @@
+server {
+  listen 80;
+  listen [::]:80;
+
+  listen 443 ssl;
+  listen [::]:443 ssl;
+
+  server_name {{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }};
+
+  ssl_certificate /etc/letsencrypt/live/{{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }}/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/{{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }}/privkey.pem;
+
+  include /etc/nginx/conf.d/include/ssl-ciphers.conf;
+  include /etc/nginx/conf.d/include/ssl-cache.conf;
+  include /etc/nginx/conf.d/include/force-ssl.conf;
+
+  access_log /var/log/nginx/{{ item.key }}_access.log;
+  error_log /var/log/nginx/{{ item.key }}_error.log warn;
+
+  location / {
+    {% if item.value.upgraded %}
+    include /etc/nginx/conf.d/include/upgrade.conf;
+    {% endif %}
+
+    {% if item.value.internal %}
+    include /etc/nginx/conf.d/include/internal.conf;
+    {% endif %}
+
+    set $forward_scheme http;
+    set $server "{{ item.value.server }}";
+    set $port {{ item.value.port }};
+    include /etc/nginx/conf.d/include/proxy.conf;
+  }
+}