Promote semantic to first class application

[Ardiea]

Description/Context

The semantic stack is currently 'quick and dirty' and it has hung around far longer than it should have. Mike is tired of replacing the credentials by hand every 30 days and/or any of the other things it requires to continue running.

Plan/Design

0. Prereq: dev needs to produce some kind of artifact or define gitrepo(s) and branch(s) to track that constituent the application.
1. Improve the AMI bake to include code artifacts from step 0 and anything else needed, like building the .env file and probably a docker-compose file? Including consul template code to put in dynamic db creds for the .env file.
2. Improve the pulumi code with anything it needs to support the improvements in step 1.
3. Add nginx / traefik in front of the existing services and have it listen on 443 with a * cert from ACM or whatever. Letsencrypt is fine too. I think nginx is there already from the compose file that the app shipped with? Whatever it is, needs review and needs more TLS.
4. Standard build+deploy pipeline.

or, depending on how long this hangs around

1. Put this in kubernetes.
2. More to follow?