Phase 1 WP-11–22: Host infrastructure, Blazor Server UI, and integration tests

Host infrastructure (WP-11–17):
- StartupValidator with 19 validation rules
- /health/ready endpoint with DB + Akka health checks
- Akka.NET bootstrap via AkkaHostedService (HOCON config, cluster, remoting, SBR)
- Serilog with SiteId/NodeHostname/NodeRole enrichment
- DeadLetterMonitorActor with count tracking
- CoordinatedShutdown wiring (no Environment.Exit)
- Windows Service support (UseWindowsService)

Central UI (WP-18–21):
- Blazor Server shell with Bootstrap 5, role-aware NavMenu
- Login/logout flow (LDAP auth → JWT → HTTP-only cookie)
- CookieAuthenticationStateProvider with idle timeout
- LDAP group mapping CRUD page (Admin role)
- Route guards with Authorize attributes per role
- SignalR reconnection overlay for failover

Integration tests (WP-22):
- Startup validation, auth flow, audit transactions, readiness gating
186 tests pass (1 skipped: LDAP integration), zero warnings.

src/ScadaLink.CentralUI/ServiceCollectionExtensions.cs

@@ -1,4 +1,6 @@
+using Microsoft.AspNetCore.Components.Authorization;
 using Microsoft.Extensions.DependencyInjection;
+using ScadaLink.CentralUI.Auth;
 
 namespace ScadaLink.CentralUI;
 
@@ -6,7 +8,14 @@ public static class ServiceCollectionExtensions
 {
     public static IServiceCollection AddCentralUI(this IServiceCollection services)
     {
-        // Phase 0: skeleton only
+        services.AddRazorComponents()
+            .AddInteractiveServerComponents();
+
+        services.AddHttpContextAccessor();
+
+        services.AddScoped<AuthenticationStateProvider, CookieAuthenticationStateProvider>();
+        services.AddCascadingAuthenticationState();
+
         return services;
     }
 }