Complete production-ready Caddy infrastructure with security hardening

- Add comprehensive Caddy role with HTTPS/TLS, DNS challenges, and systemd security
- Implement optimized systemd overrides with enhanced security restrictions
- Create detailed documentation with usage examples and variable references
- Establish proper Ansible configuration with vault integration
- Update site.yml for infrastructure orchestration with role-based deployment
- Add host-specific configuration structure for scalable multi-environment setup

host_vars/arch-vps/main.yml

@@ -0,0 +1,41 @@
+---
+# =================================================================
+# Production Configuration for arch-vps (jnss.me)
+# =================================================================
+
+# =================================================================
+# TLS Configuration - Production Setup
+# =================================================================
+caddy_tls_enabled: true
+caddy_domain: "jnss.me"
+caddy_tls_email: "{{ vault_caddy_tls_email }}"
+
+# DNS Challenge Configuration (Cloudflare)
+caddy_dns_provider: "cloudflare"
+cloudflare_api_token: "{{ vault_cloudflare_api_token }}"
+
+# Production Let's Encrypt CA
+caddy_acme_ca: "https://acme-v02.api.letsencrypt.org/directory"
+
+# =================================================================
+# Site Configuration 
+# =================================================================
+# For now, just serve the main jnss.me domain
+# Additional sites can be added here as services are deployed
+caddy_sites: []
+
+# Future sites will look like:
+# caddy_sites:
+#   - domain: "cloud.jnss.me"
+#     backend: "localhost:8080"
+#     dns_challenge: true
+#   - domain: "auth.jnss.me"
+#     backend: "localhost:9000" 
+#     dns_challenge: true
+
+# =================================================================
+# Security & Logging
+# =================================================================
+caddy_log_level: "INFO"
+caddy_log_format: "json"
+caddy_systemd_security: true