roles/dch-proxy: Add haproxy config for Bitwarden

This commit adds an HAProxy backend for Bitwarden, and adds ACL rules to
the frontend to proxy traffic to *bitwarden.pyrocufflink.blue* or
*bitwarden.pyrocufflink.net* to it.

roles/dch-proxy/templates/frontend-main.haproxy.cfg.j2

@@ -5,6 +5,8 @@ frontend main
     use_backend gitea if { hdr(host) -i git.pyrocufflink.net }
     use_backend jenkins if { hdr(host) -i jenkins.pyrocufflink.blue }
     use_backend jenkins if { hdr(host) -i jenkins.pyrocufflink.net }
+    use_backend bitwarden if { hdr(host) -i bitwarden.pyrocufflink.blue }
+    use_backend bitwarden if { hdr(host) -i bitwarden.pyrocufflink.net }
     default_backend web
 
 
@@ -20,6 +22,8 @@ frontend main-tls
     use_backend gitea-tls if { req_ssl_sni -i git.pyrocufflink.net }
     use_backend jenkins-tls if { req_ssl_sni -i jenkins.pyrocufflink.blue }
     use_backend jenkins-tls if { req_ssl_sni -i jenkins.pyrocufflink.net }
+    use_backend bitwarden-tls if { req_ssl_sni -i bitwarden.pyrocufflink.blue }
+    use_backend bitwarden-tls if { req_ssl_sni -i bitwarden.pyrocufflink.net }
     use_backend web-tls if { req_ssl_sni -i darkchestofwonders.us }
     use_backend web-tls if { req_ssl_sni -i pyrocufflink.net }
     default_backend openvpn