Add CrowdSec bouncer for Bunny CDN Shield

Syncs locally-detected CrowdSec ban decisions to Bunny CDN Shield
Access Lists. Excludes community blocklists (CAPI/lists) since Bunny
Shield has its own managed threat feeds.

- Polls CrowdSec LAPI for origin=crowdsec/cscli bans
- Updates Bunny Shield custom Access List via PATCH API
- Change detection via set comparison to skip unnecessary API calls
- Exponential backoff retry on API failures
- Graceful SIGTERM/SIGINT shutdown
- Docker healthcheck support

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.gitignore

@@ -0,0 +1,3 @@
+.env
+__pycache__/
+*.pyc