Go through nginx configuration templates and convert them to jinja2 with
slapos parameters (reminder: names and default values are imported from
omnibus-gitlab 8.2.3+ce.0-0-g8eda093), except commenting out features we
do not want to support (yet ?).

As nginx is a reverse-proxy, i.e. it integrates all internal services
and works as frontend to them, our gitlab service is now ready to listen
and talk to the world over (standard to slapos services backend) IPv6.

Nginx also acts as SSL termination point - for it to work by default we
setup self-signed certificate for the backend, which can be manually
changed to proper certificate if needed. Backend certificate is used
if gitlab is configured to work in HTTPS mode (and frontend certificate
is another story).

NOTE ssl certificate is generated with just `openssl req ...` - yes, there
    is slapos.cookbook:certificate_authority.request but it requires
    to start whole service and has up to 60 seconds latency to generate
    certificate. And we only need to run 1 command to do that...

The features disabled are:

    - http -> https redirection

      not needed for us at nginx level - the frontend can do the
      redirection and also gitlab speaks HSTS on https port so when we access
      https port via http protocol, it gets redirected to https.

    - kerberos
    - ssl_dhparam
    - providing custom nginx configuration via instance parameter

/cc @kazuhiko, @jerome