Great to see that you are working through it all 
I am still learning the ropes.. but though to add a tips that I have learned along the way.
My understanding is that the "/ziti-edge-tunnel" is only required when you are building a custom SDK applications
i.e when you want to use zitified ssh or scp
What I understand in your example is that you need to install the mobile / desktop tunneller apps instead.. this is what uses the intercept configuration you have setup... the /ziti-edge-tunnel' does not use an intercept.. rather a host.. as I understand
To get your example to work.. what I believe you need to do is to zitify the application server... you can find the code here for a gloang server.. not sure if there is any code base for a python server
I would encourage you go give golang a go.. as its actually not hard to learn and will help you later one.. when you want to implement more advanced capabilities.. what is great is that it gets complied into C so that it runs fast
.. Also.. to get access to the dark application server from a desktop / mobile.. you need to enrol the identities on each desktop / mobile app.. so you will need to download the jwt from the server .. or use the QR enrollment feature as needed.
After having gone through the learning curve..I would suggest starting out with a simpler starting piece.. and only deploy to a single server..
here is how I got started.. after a lot of time spent learning
Once I worked through all of this.. I was then able to tackle implementing a reverse proxy to provide access to a private web server. I used a golang server to implement this.. and will be documenting my learnings later next week
Hope that helps you keep moving forward.
Scott