feat: implement comprehensive variable management system

- Create standardized group_vars directory structure
- Add domains.yml with centralized subdomain mappings
- Add infrastructure.yml with network, SMTP, and path config
- Reorganize vault.yml secrets by service with consistent naming
- Update 15+ Docker compose templates to use new variable structure
- Simplify playbook commands by removing --extra-vars requirement
- Replace hardcoded domains/IPs with template variables
- Standardize secret references across all services

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

roles/docker/templates/heyform-compose.yml.j2

@@ -11,21 +11,21 @@ services:
     labels:
       glance.name: Heyform
       glance.icon: si:googleforms
-      glance.url: https://forms.nerder.land/
+      glance.url: https://{{ subdomains.heyform }}/
       glance.description: Forms server
       glance.id: heyform
     environment:
-      - APP_HOMEPAGE_URL=http://forms.nerder.land
-      - SESSION_KEY={{ heyform_session_key }}
-      - FORM_ENCRYPTION_KEY={{ heyform_encryption_key }}
+      - APP_HOMEPAGE_URL=http://{{ subdomains.heyform }}
+      - SESSION_KEY={{ vault_heyform.session_key }}
+      - FORM_ENCRYPTION_KEY={{ vault_heyform.encryption_key }}
       - MONGO_URI='mongodb://mongo:27017/heyform'
       - REDIS_HOST=keydb
       - REDIS_PORT=6379
-      - SMTP_FROM=nerderland@updates.thesatelliteoflove.com
-      - SMTP_HOST=smtp.resend.com
+      - SMTP_FROM=nerderland@{{ email_domains.updates }}
+      - SMTP_HOST={{ smtp.host }}
       - SMTP_PORT=465
-      - SMTP_USER=resend
-      - SMTP_PASSWORD={{ resend_key }}
+      - SMTP_USER={{ smtp.username }}
+      - SMTP_PASSWORD={{ vault_smtp.password }}
       - SMTP_SECURE=true
 
   mongo:
@@ -60,4 +60,4 @@ volumes:
 networks:
   default:
     external: true
-    name: lava
+    name: {{ docker.network_name }}