roles/graylog: Add Graylog server deployment

The *graylog* role installs Graylog from the *graylog2.org* Yum
repository and manages basic server configuration.  It augments the
default systemd unit to provide the `CAP_NET_BIND_SERVICE` capability to
the Graylog server process via ambient capabilities, thereby allowing
the server to bind to the privileged Syslog UDP port.

roles/graylog/templates/graylog.httpd.conf.j2

@@ -0,0 +1,15 @@
+# vim: set ft=apache :
+
+RewriteEngine On
+RewriteCond %{HTTPS} !on
+RewriteRule /.* https://%{SERVER_NAME}$0 [R=301,L]
+
+ProxyRequests Off
+ProxyPass / http://localhost:9000/ nocanon
+ProxyPassReverse / http://localhost:9000/
+
+RequestHeader set X-Graylog-Server-URL {{ graylog_server_url }}
+
+<Location />
+	Require all granted
+</Location>