🔐 Security hardening: auth, rate limiting, brute force protection

- Add comprehensive security package with:
  - API Key generation and validation (SHA256 hash)
  - Password policy enforcement (min 12 chars, complexity)
  - Rate limiting with presets (auth, api, ingest, export)
  - Brute force protection (5 attempts, 15min lockout)
  - Security headers middleware
  - IP whitelisting
  - Audit logging structure
  - Secure token generation

- Enhanced auth middleware:
  - JWT + API Key dual authentication
  - Token revocation via Redis
  - Scope-based authorization
  - Role-based access control

- Updated installer with:
  - Interactive setup for client customization
  - Auto-generated secure credentials
  - Docker all-in-one image
  - Agent installer script

- Added documentation:
  - SECURITY.md - Complete security guide
  - INSTALL.md - Installation guide
  - .env.example - Configuration reference

go.mod

@@ -4,6 +4,8 @@ go 1.22
 
 require (
 	github.com/gofiber/fiber/v2 v2.52.0
-	github.com/shirou/gopsutil/v3 v3.24.1
 	github.com/golang-jwt/jwt/v5 v5.2.0
+	github.com/redis/go-redis/v9 v9.4.0
+	github.com/shirou/gopsutil/v3 v3.24.1
+	golang.org/x/crypto v0.18.0
 )