planetary-social / ansible-scripts

Ansible automation scripts used at Planetary
MIT License

add new-do droplet #45

Closed cooldracula closed 1 year ago

cooldracula commented 1 year ago

This PR is in response to ticket https://github.com/planetary-social/infrastructure/issues/66.

This role creates a new DigitalOcean droplet with a configuration that matches the majority of what we did in the harden role. This lets us move more of the infra work into documented Ansible scripts, and once that server is made, we can run all the tasks required to set up a service on it within a single playbook (before, we had to run common/harden separately first, and then the service role, for reasons).

The intent and reasoning behind this role is documented in its README, included in this PR, but in short: it's a simple role that uses DigitalOcean's API to create the server and DO's cloud-init feature to create our admin user, add our keys, and remove root login.

I add the keys via GitHub, as I assumed anyone who could create a server is part of the planetary-social org and would have their keys easily available there. This pattern could act as an inspiration for an add-ssh-keys role later that would be more idempotent than our current setup.

Lastly, there are some changes to our flake.nix that just bring in additional developer niceties (e.g. a scaffolding command for creating new roles).
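
The approach described in the PR description above, as an added example that is not the role from this PR: an Ansible play that creates a droplet through the DigitalOcean API and passes cloud-init user data which creates the admin user, imports keys from GitHub and turns off root login. The droplet name, size, region, image, `admin_user`, the GitHub usernames, the passwordless-sudo rule and the `DO_API_TOKEN` environment variable are assumptions, and an Ubuntu image is assumed for the `ssh` service name and the `sshd_config.d` include.

```yaml
# Added example, not the role from this PR. All names and values below are
# placeholders chosen for illustration.
- name: Create a droplet that boots already hardened
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    admin_user: admin                                   # hypothetical account name
    github_admins: [example-user-1, example-user-2]     # constructed usernames
  tasks:
    - name: Create droplet with cloud-init user data
      community.digitalocean.digital_ocean_droplet:
        state: present
        oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
        name: example-service-1
        unique_name: true          # re-running the play does not create a duplicate
        size: s-1vcpu-1gb
        region: nyc3
        image: ubuntu-22-04-x64
        user_data: |
          #cloud-config
          # Only the listed user is created; no default image user is added.
          users:
            - name: {{ admin_user }}
              groups: sudo
              shell: /bin/bash
              sudo: "ALL=(ALL) NOPASSWD:ALL"
              lock_passwd: true    # key-only account, no usable password
              # Public keys are fetched from GitHub at first boot (gh:<username>).
              ssh_import_id: {{ github_admins | map('regex_replace', '^', 'gh:') | list | to_json }}
          disable_root: true       # root's authorized_keys only prints a refusal
          ssh_pwauth: false
          # Drop-in sorts first so sshd reads these values before any other file.
          write_files:
            - path: /etc/ssh/sshd_config.d/00-no-root.conf
              permissions: "0644"
              content: |
                PermitRootLogin no
                PasswordAuthentication no
          runcmd:
            - systemctl restart ssh
```

`ssh_import_id` depends on the `ssh-import-id` tool being present in the image and on outbound access to GitHub at first boot; if either is missing the admin user is created without keys, so confirm key login works before relying on the host.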

cooldracula commented 1 year ago

This work was incorporated into the secrets PR (#43) as this play was used as the test to make sure the new Ansible dir structure worked. I am closing this to avoid confusion.