Enable E2E encryption for all services that receive a password
Currently, end-to-end encryption exists for the Docker Auth and Docker Registry servers: kube-lego acquires a certificate, both the nginx-ingress-controller and the application are given access to that secret, and the Ingress is configured with the annotation nginx.ingress.kubernetes.io/secure-backends.
However, GitLab and Grafana also accept user passwords in the application, and E2E encryption is not enabled for those applications. This means that traffic from the ingress controller to the application includes plaintext user credentials. While this is ideally not snoopable, there's no reason to do that when a perfectly good alternative exists.
I should set up GitLab and Grafana to serve SSL using the certificates that were acquired for them by kube-lego.
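
A check for the gap described above, as an added example that is not part of the original issue: it reads Ingress objects in the shape of `kubectl get ingress -o json` output and reports password-accepting services that the ingress controller reaches without TLS. The service names, namespace, hostnames and the sample objects are constructed assumptions.

```python
# Annotation named on the page; "true" makes ingress-nginx use TLS to the backend.
SECURE_BACKENDS = "nginx.ingress.kubernetes.io/secure-backends"
# Later ingress-nginx releases express the same setting with this annotation.
BACKEND_PROTOCOL = "nginx.ingress.kubernetes.io/backend-protocol"

def backend_is_tls(ingress):
    ann = ingress.get("metadata", {}).get("annotations") or {}
    if ann.get(SECURE_BACKENDS, "").lower() == "true":
        return True
    return ann.get(BACKEND_PROTOCOL, "").upper() in ("HTTPS", "GRPCS")

def backend_services(ingress):
    """Yield backend service names (extensions/v1beta1 and networking.k8s.io/v1 shapes)."""
    spec = ingress.get("spec", {})
    backends = [spec.get("backend") or spec.get("defaultBackend")]
    for rule in spec.get("rules") or []:
        for path in (rule.get("http") or {}).get("paths") or []:
            backends.append(path.get("backend"))
    for b in backends:
        if b:
            yield b.get("serviceName") or (b.get("service") or {}).get("name")

def plaintext_hops(ingress_list, password_services):
    """Return sorted (namespace, ingress, service) tuples for password-accepting
    services reached through an Ingress that does not use TLS to the backend."""
    findings = set()
    for ing in ingress_list.get("items", []):
        if backend_is_tls(ing):
            continue
        meta = ing.get("metadata", {})
        for svc in backend_services(ing):
            if svc in password_services:
                findings.add((meta.get("namespace", "default"), meta.get("name"), svc))
    return sorted(findings)

def _ing(name, svc, annotations):  # constructed, trimmed Ingress object
    return {"metadata": {"name": name, "namespace": "default", "annotations": annotations},
            "spec": {"tls": [{"hosts": [name + ".example.com"], "secretName": name + "-tls"}],
                     "rules": [{"host": name + ".example.com", "http": {"paths": [
                         {"path": "/", "backend": {"serviceName": svc}}]}}]}}

# Constructed sample in the shape of `kubectl get ingress --all-namespaces -o json`.
SAMPLE = {"items": [
    _ing("registry", "docker-registry", {"kubernetes.io/tls-acme": "true", SECURE_BACKENDS: "true"}),
    _ing("gitlab", "gitlab", {"kubernetes.io/tls-acme": "true"}),
    _ing("grafana", "grafana", {"kubernetes.io/tls-acme": "true"}),
]}

if __name__ == "__main__":
    print(plaintext_hops(SAMPLE, {"docker-registry", "gitlab", "grafana"}))
```

Against a live cluster, load the `kubectl` JSON output with `json.load` and pass the resulting dict in place of `SAMPLE`.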