Caddy: Add option to have a separate Admin domain

- Our setup docs recommend having Ghost Admin on a separate domain from the content domain
- This lets users optionally set this up if they want whilst continuing to align Admin <-> content domain through templates

caddy/snippets/SecurityHeaders

@@ -0,0 +1,12 @@
+header {
+	# Enable HSTS
+	Strict-Transport-Security max-age=31536000;
+	# Prevent embedding in frames
+	X-Frame-Options DENY
+	# Enable XSS protection
+	X-XSS-Protection "1; mode=block"
+	# Prevent MIME sniffing
+	X-Content-Type-Options nosniff
+	# Referrer policy
+	Referrer-Policy strict-origin-when-cross-origin
+}