move roles, files and templates dirs out of playbook dir into root dir

Because of how Ansible local relative search paths work, the global
"files" and "templates" directories need to be next to the playbooks.
However its not intuitive to look into the "playbooks" directory to find
the files and templates for a host.
Therefore move them out of the "playbooks" directory into the root
directory and add symlinks so everything still works.

Similarly for local roles, they also need to be next to the playbooks.
So for a nicer structure, move the "roles" directory out into the root
directory as well and add a symlink so everything still works.

Also see:
https://docs.ansible.com/ansible/latest/playbook_guide/playbook_pathing.html#resolving-local-relative-paths
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_reuse_roles.html#storing-and-finding-roles

files/chaosknoten/configs/lists/nginx/lists.c3lingo.org.conf

@@ -0,0 +1,26 @@
+server {
+	root /var/www/html;
+    server_name lists.c3lingo.org; # managed by Certbot
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+
+    ssl_certificate /etc/letsencrypt/live/lists.c3lingo.org/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/lists.c3lingo.org/privkey.pem; # managed by Certbot
+    # verify chain of trust of OCSP response using Root CA and Intermediate certs
+    ssl_trusted_certificate /etc/letsencrypt/live/lists.c3lingo.org/chain.pem;
+
+    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    location /static {
+        alias /opt/mailman/web/static;
+        autoindex off;
+    }
+
+    location / {
+          uwsgi_pass localhost:8080;
+          include uwsgi_params;
+          uwsgi_read_timeout 300;
+    }
+}

files/chaosknoten/configs/lists/nginx/lists.hamburg.ccc.de.conf

@@ -0,0 +1,26 @@
+server {
+	root /var/www/html;
+    server_name lists.hamburg.ccc.de; # managed by Certbot
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+
+    ssl_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/lists.hamburg.ccc.de/privkey.pem; # managed by Certbot
+    # verify chain of trust of OCSP response using Root CA and Intermediate certs
+    ssl_trusted_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/chain.pem;
+
+    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    location /static {
+        alias /opt/mailman/web/static;
+        autoindex off;
+    }
+
+    location / {
+          uwsgi_pass localhost:8080;
+          include uwsgi_params;
+          uwsgi_read_timeout 300;
+    }
+}