feat: add admin handler (modpack CRUD, file upload, manifest, launcher release)

- modpack CRUD: GET/POST/PUT/DELETE /api/admin/modpacks
- file upload: POST /api/admin/modpacks/{slug}/upload — multipart, ZIP extraction, CAS storage
- manifest: POST /api/admin/modpacks/{slug}/manifest — scan instance dir, generate manifest.json
- launcher release: POST /api/admin/launcher/release — CI/CD endpoint, SHA-256 verify, DB registration
- auth middleware: Bearer token + admin role check + X-CI-Token for CI/CD
- zip-slip protection in file extraction

Co-Authored-By: OWL <noreply@anthropic.com>

cmd/server/main.go

@@ -10,6 +10,7 @@ import (
 	"syscall"
 	"time"
 
+	"gitea.mrixs.me/Mrixs/MrixsCraft-server/internal/admin"
 	"gitea.mrixs.me/Mrixs/MrixsCraft-server/internal/api"
 	"gitea.mrixs.me/Mrixs/MrixsCraft-server/internal/auth"
 	"gitea.mrixs.me/Mrixs/MrixsCraft-server/internal/config"
@@ -46,7 +47,11 @@ func main() {
 	apiHandler := api.NewHandler(db, cfg)
 	apiHandler.RegisterRoutes(mux)
 
-	// TODO: register Admin, CAS routes.
+	// Admin panel.
+	adminHandler := admin.NewHandler(db, cfg)
+	adminHandler.RegisterRoutes(mux)
+
+	// TODO: register CAS routes.
 
 	addr := ":" + itoa(cfg.Port)
 	srv := &http.Server{