feat: make all operational constants configurable via bouncer.toml

Replace hardcoded values across network, captcha, email, and cert
modules with BouncerConfig fields. All values have safe defaults
and are overridable in the [bouncer] section of the config file.

Configurable: probation_seconds, backoff_steps, nick_timeout,
rejoin_delay, http_timeout, captcha_poll_interval/timeout,
email_poll_interval/max_polls/request_timeout, cert_validity_days.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

tests/test_captcha.py

@@ -0,0 +1,37 @@
+"""Tests for bouncer.captcha module."""
+
+from bouncer.captcha import _extract_sitekey
+
+
+class TestExtractSitekey:
+    """Test hCaptcha sitekey extraction from HTML."""
+
+    def test_extracts_sitekey_from_div(self) -> None:
+        html = '<div class="h-captcha" data-sitekey="a1b2c3d4-e5f6-7890-abcd-ef1234567890"></div>'
+        assert _extract_sitekey(html) == "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
+
+    def test_extracts_sitekey_single_quotes(self) -> None:
+        html = "<div class='h-captcha' data-sitekey='10000000-ffff-ffff-ffff-000000000001'></div>"
+        assert _extract_sitekey(html) == "10000000-ffff-ffff-ffff-000000000001"
+
+    def test_returns_none_no_sitekey(self) -> None:
+        html = "<div>No captcha here</div>"
+        assert _extract_sitekey(html) is None
+
+    def test_returns_none_empty_html(self) -> None:
+        assert _extract_sitekey("") is None
+
+    def test_extracts_from_full_page(self) -> None:
+        html = """<!DOCTYPE html>
+<html>
+<head><title>Verify</title></head>
+<body>
+<form action="" method="POST">
+  <input type="hidden" name="token" value="abc123">
+  <div class="h-captcha" data-sitekey="abcdef01-2345-6789-abcd-ef0123456789"
+       data-callback="on_success"></div>
+  <input type="submit" value="Verify">
+</form>
+</body>
+</html>"""
+        assert _extract_sitekey(html) == "abcdef01-2345-6789-abcd-ef0123456789"