feat(server): implement serve loop, ServeOptions, graceful shutdown, and integration test

- Add ServeOptions struct with all CLI fields (key, authorized_keys, cert_authority,
  transport_mode, listen_addr, tls_cert, tls_key, acme_domain, stealth, proxy,
  iroh_relay, max_connections_per_ip, max_auth_attempts)
- ServeOptions::key/authorized_keys accept KeySource (file or in-memory)
- Server::new(opts) creates server with bound russh config, auth config, rate limiter
- Server::run(acceptor, endpoint_info) enters accept loop: rate limit check -> create
  handler -> russh::server::run_stream()
- Stealth mode integration: protocol detection before run_stream() on TLS connections
- Graceful shutdown: Server::shutdown() sends SSH disconnect, waits drain timeout,
  aborts remaining sessions
- SIGTERM/SIGINT handler on unix platforms
- iroh mode: prints endpoint ID on startup
- Integration test: start server, shutdown signal, verify clean exit
- Re-export Server, ServeOptions, ServeTransportMode, ServeError from lib.rs

crates/wraith-core/src/lib.rs

@@ -11,4 +11,5 @@ pub mod testutil;
 pub use error::{AuthError, ChannelError, ConfigError, ForwardError, TransportError};
 pub use transport::{Transport, TransportAcceptor, TransportInfo, TransportKind};
 pub use client::channel_manager::{ChannelManager, ForwardRequest};
-pub use client::connect::{ClientSession, ConnectError, ConnectOptions, TransportMode};
+pub use client::connect::{ClientSession, ConnectError, ConnectOptions, TransportMode};
+pub use server::serve::{Server, ServeError, ServeOptions, ServeTransportMode};