feat: migrate to unified wildcard ssl (*.hyungi.net) using cloudflare dns validation

- Switch Certbot to dns-cloudflare plugin
- Remove individual service certificates
- Update Nginx to use single wildcard cert
- Fix macOS Docker file caching issue by renaming cert files
- Ignore cloudflare.ini and ssl-certs in git

docker-compose-certbot.yml

@@ -2,16 +2,17 @@ version: '3.8'
 
 services:
   certbot:
-    image: certbot/certbot
+    image: certbot/dns-cloudflare
     container_name: home-service-certbot-daemon
     restart: unless-stopped
     volumes:
       - ./ssl-certs:/etc/letsencrypt
       - ./certbot-webroot:/var/www/certbot
+      - ./cloudflare.ini:/secrets/cloudflare.ini:ro
       - /var/run/docker.sock:/var/run/docker.sock
-    # 12시간마다 갱신 체크 + 갱신 성공 시 Nginx 자동 리로드 (--post-hook)
+    # 12시간마다 갱신 체크 + DNS 검증 사용
     entrypoint: >
       /bin/sh -c ' apk add --no-cache docker-cli && trap exit TERM; while :; do
-        certbot renew --webroot -w /var/www/certbot --post-hook "docker exec home-service-proxy-ssl nginx -s reload";
+        certbot renew --dns-cloudflare --dns-cloudflare-credentials /secrets/cloudflare.ini --post-hook "docker exec home-service-proxy-ssl nginx -s reload";
         sleep 12h & wait $${!};
       done;'