feat: Initialize Zastava Webhook service with TLS and Authority authentication

- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint.
- Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately.
- Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly.
- Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.

src/StellaOps.Excititor.WebService/Options/MirrorDistributionOptions.cs

@@ -0,0 +1,52 @@
+using System.Collections.Generic;
+
+namespace StellaOps.Excititor.WebService.Options;
+
+public sealed class MirrorDistributionOptions
+{
+    public const string SectionName = "Excititor:Mirror";
+
+    public List<MirrorDomainOptions> Domains { get; } = new();
+}
+
+public sealed class MirrorDomainOptions
+{
+    public string Id { get; set; } = string.Empty;
+
+    public string DisplayName { get; set; } = string.Empty;
+
+    public bool RequireAuthentication { get; set; }
+        = false;
+
+    /// <summary>
+    /// Maximum index requests allowed per rolling window.
+    /// </summary>
+    public int MaxIndexRequestsPerHour { get; set; } = 120;
+
+    /// <summary>
+    /// Maximum export downloads allowed per rolling window.
+    /// </summary>
+    public int MaxDownloadRequestsPerHour { get; set; } = 600;
+
+    public List<MirrorExportOptions> Exports { get; } = new();
+}
+
+public sealed class MirrorExportOptions
+{
+    public string Key { get; set; } = string.Empty;
+
+    public string Format { get; set; } = string.Empty;
+
+    public Dictionary<string, string> Filters { get; } = new();
+
+    public Dictionary<string, bool> Sort { get; } = new();
+
+    public int? Limit { get; set; }
+        = null;
+
+    public int? Offset { get; set; }
+        = null;
+
+    public string? View { get; set; }
+        = null;
+}