zezere: role/playbook to deploy Zezere

Zezere is the Fedora IoT device provisioning service.  It is the
software that runs *provision.fedoraproject.org*, but it can be
self-hosted (if you can figure it out; there is no documentation
whatsoever).

The main use case for running Zezere locally is to automatically add
trusted SSH public keys to Fedora IoT devices, without depending on a
cloud service.  This playbook sets up Zezere with the very minimal
configuration needed to meet this goal.

roles/zezere/templates/zezere.conf.j2

@@ -0,0 +1,25 @@
+[global]
+secret_key = {{ zezere_secret_key }}
+debug = no
+allowed_hosts = {{ zezere_allowed_hosts|join(' ') }}
+secure_cookie = yes
+auth_method = local
+
+[oidc.rp]
+# client_id =
+# client_secret =
+sign_algo = RS256
+
+[oidc.op]
+# authorization_endpoint =
+# token_endpoint =
+# userinfo_endpoint =
+# jwks_endpoint =
+
+[database]
+engine = django.db.backends.sqlite3
+name = /var/lib/zezere/db.sqlite3
+
+[secure_proxy_ssl_header]
+# header = HTTP_X_FORWARDED_PROTO
+# value = https