We only need those on the domservers (& admin machines).

…ed (DOMjudge#126)

yet.

This is not possible (yet) for php_fpm but that one also exposes the
least interesting metrics for people snooping. If we would want that we
would need to do something with nginx for this.

This is relevant for the online judge but also makes sense as teams can
always query the node endpoint on domservers.

Alternative is to do the same as for the PHP-FPM exporter

Add intended final to naming, shortened naming for readability

There is not clean way to keep the playbooks the same and keep our generic variables.

The structure:
wf46
 - domserver
wf47
 - domserver
would get all variables from wf47 as that is the last defined hostgroup above domserver, putting the contest below
would put all hosts (even judgehosts) in the domserver group.

By symlinking we get the least worse solution as we have the variables, but for ansible those all look like new groups.

Where possible we use the value from `all`, online is fully copied to
make sure we don't pick any value from the onsite branch.

Use default values for Luxor

We import our admin accounts in the analyst instance, using another
password only makes this more difficult.

The replication password is set lower in the wf46/wf47 as besides the
risk for leaking the database we would also setup replication on the
analyst instance.
The ICPC-tools variables are not relevant here as we at this point don't
setup the CDS.

We still need to manually set our IP for the different instances for the
keepalived (although we could ask the DNS for that value) but this is a
start. This is not tested yet but should be relatively simple to test.