Put all containers in their own isolated Docker network (matrix)

Moving away from using the default bridge network to using our own.
This isolates our services from other Docker containers running
on the default network on the same host.

The benefits are that:

- isolation is a little better - we no longer share a default
bridge network with any other containers that might be running on the host

- there are no longer hard dependencies - we do service discovery
by DNS name, and not via explicit `--link` usage during container start,
so containers can start out of order and fail without bringing down others
with them
(`matrix-nginx-proxy` can continue running, even if one of the other services dies)

In the future, when other services get introduced,
the increased resilience and simplicity will help as well.

roles/matrix-server/defaults/main.yml

@@ -18,7 +18,7 @@ matrix_user_gid: 991
 # The defaults below cause a postgres server to be configured (running within a container).
 # Using an external server is possible by tweaking all of the parameters below.
 matrix_postgres_use_external: false
-matrix_postgres_connection_hostname: "postgres"
+matrix_postgres_connection_hostname: "matrix-postgres"
 matrix_postgres_connection_username: "synapse"
 matrix_postgres_connection_password: "synapse-password"
 matrix_postgres_db_name: "homeserver"
@@ -70,6 +70,8 @@ docker_s3fs_image: "xueshanf/s3fs:latest"
 docker_goofys_image: "cloudproto/goofys:latest"
 docker_coturn_image: "instrumentisto/coturn:4.5.0.7"
 
+# The Docker network that all services would be put into
+matrix_docker_network: "matrix"
 
 # A shared secret (between Synapse and Coturn) used for authentication.
 # You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).