Fix certificate bootstrapping issue by switch to DNS-01 challenge
Our current way of bootstrapping a new service does not really bootstrap an valid SSL certificate when deploying a role. As our nginx configuration does expects a certificate to be there, but it's not there yet and nginx needs to run so this is a classic chicken egg problem.
Hetzner has a DNS API now so we can switch to DNS verification.
- Every machine can now issue a wildcard certificate :/