Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2918

Related to https://github.com/matrix-org/synapse/pull/15488

Many of these do depend on the Synapse master process (`matrix-synapse.service`),
so it makes sense to do it.

Furthermore, we're doing it so that one can stop the `matrix-synapse.service`
service and have systemd cascade this into stopping all the workers as well.

This is useful for easily stopping all of Synapse, so that Postgres
upgrades (`--tags=upgrade-postgres`) can happen cleanly.
Postgres upgrades currently stop `devture_postgres_systemd_services_to_stop_for_maintenance_list` which
includes Synapse, but stopping just the master process and leaving workers running is not safe enough and sometimes leads to errors like:

> ERROR:  insert or update on table "event_forward_extremities" violates foreign key constraint "event_forward_extremities_event_id"

With this dependency in place, stopping `matrix-synapse.service` will stop all Synapse processes.

Related to:
- e4f545c452
- 2481b7dfa4

We've prepared for this by adding the `main` process to the `instance_map` a long time ago,
in 49cb8b7b11.

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

Related to:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2698
- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2700

This was mostly affecting the stream writer (events) worker, which was
being reported as unhealthy. It wasn't causing any issues, but it just
looked odd and was confusing people.

As an alternative to hitting the regular `/health` healthcheck route (on
the "client" API which this stream writer does not expose),
we may have went for hitting some "replication" API endpoint instead.

This is more complicated and likely unnecessary.

It's the same as `matrix_docker_network` for now, so this practically
doesn't change anything.

* Update homeserver.yaml.j2

* Update configuring-playbook-ldap-auth.md

* Update homeserver.yaml.j2

* Add ability to disable password auth

* Allow disabling password authentication

Larger deployments may wish to run migration more often.

Related to https://docs.docker.com/engine/deprecated/#separator--of---security-opt-flag-on-docker-run

Related to:

- https://github.com/matrix-org/synapse/pull/14551/files
- https://github.com/matrix-org/synapse/pull/14619/files

Related to

- c15e9a0edb
- 01a0527892

It's unnecessary when `pusher_instances` is populated.

Source: 6acb6d772a

It's unnecessary when `federation_sender_instances` is populated.

Source: 6acb6d772a

This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.