[feat] add ACME-based certificate management using go-acme/lego

- Introduced a new `legoManager` for managing per-domain TLS certificates.
- Implemented ACME HTTP-01 challenge handling with a configurable webroot directory.
- Created `NewLegoManagerFromEnv` to initialize ACME settings from environment variables.
- Added `verifyDomainsResolve` to validate domain DNS resolutions.
- Updated `.gitignore` to include ACME cache and webroot directories.
- Updated `go.mod` and `go.sum` with new dependencies, including `go-acme/lego`.

.dockerignore

@@ -1,2 +1,5 @@
 # Docker build context excludes
-images/
+images/
+bin/
+acme-cache/
+acme-webroot/