This patch adds a title to the documentation as well as some links to
the repository as well as the WebIDE for GitLab adjustments.

Currently terraform isn't used, so it shouldn't be part of the README.

This patch adds the initial structure for the documentation of the
Shivering-Isles GitOps Infrastructure repository. It uses mdbook to
create an easy to read documentation.

It uses mdbook, because it's an easy single-binary tool to generate
documentation. This fits the tooling schema of koolbox quite well and
can be easily integrated into the automatic updates toolchain already
used. Further it uses markdown, which allows easy writing of further
documentation and re-use of existing documentation.

The documentation structure re-uses various existing READMEs from
components. These might be replaced in the long run.

It also lays out future plans for documentation, which is currently
still on the TODO list. This should help to keep the overall structure
in mind and provide the general direction.

References:
https://rust-lang.github.io/mdBook/index.html

The login works now, however the role-mapping seems to be flawed and
therefore broken, which results in everyone becoming just a viewer. This
patch reworks the role path to (hopefully) work as expected and use the
client-role assignment

This patch adds the root_url config, in order to generate the correct
redirect URL.

The grafana.ini variable isn't just a plain ini file, but a structured
document that is then translated to ini. I hope this works now as
expected.

This patch introduces some config variables that should result in
grafana no longer asking for the admin password but use oauth to
authenticate automatically.

After some considerations regarding resource use and false-positives, it
seems like a good idea to disable modsecurity especially since it seems
to cause issues with synapse, especially SSO, therefore it seems like a
good idea, to disable it for now and maybe revisit in the future.

After some considerations regarding resource use and false-positives, it
seems like a good idea to disable modsecurity especially since it seems
to cause issues with oauth-proxy and general high entrophy workload.

This patch forces a spreading across multiple Nodes for ingress
controller Pods. This should ensure that Pods a single node failing,
doesn't take down all ingress Pods.

Further this patch introduces a node affinity, that prefers nodes with
better CPU feature support. In order to utilise hardware acceleration as
much as possible.

References:
https://www.intel.com/content/dam/develop/external/us/en/documents/open-ssl-performance-paper-345527.pdf

This patch adds DNS over TLS as a directly exposed service, this helps
to keep the setup simple and not rely on any ingress container to
function. TLS certificates are manged by cert-manager anyway, which
should make it easy to keep everything up-to-date with no problem.