Add wildcard app support to tunnel

If I'm using the tunnel, it'd be awesome if my wildcard apps could be tunneled too. Perhaps a single-level domain could be used to avoid generating additional certificates?

```sh
# Coder control plane: 
https://fccabeef4dc13617d5ec0c06ad7ac83c.pit-1.try.coder.app

# A wildcard app:
https://34469--dev--ben-stable--bpmct--fccabeef4dc13617d5ec0c06ad7ac83c.pit-1.try.coder.app
```