Add ability to whitelist external IP ranges, or pass HBA rules to CNPG #939

Open
bonesmoses opened this issue Sep 4, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@bonesmoses
Contributor

A user made this request through our support portal.

Essentially, the CoreDB operator should have a syntax that allows it to pass pg_hba rules to CloudNativePG. Perhaps the easiest way to do this would be to handle a list of CIDR+netmask or host strings, e.g.:

```
ext_hba_list:
- 155.149.232.44/24
- my_host.mydomain.tld
    user: rep_user
    dbname: replication
    type: cert
```

And then the CoreDB operator would translate these to appropriate lines in the pg_hba section of the CloudNativePG cluster spec. If no whitelist metadata is supplied, we'd assume all.

This would allow external replication, manual use of pg_basebackup, and other use cases that are not currently possible. This would also require a GUI front-end in the website project to enable user-provisioning, but this would need to exist first.

It is currently possible to specify pg_hba rules directly in the CNPG cluster spec, but these may not persist if the CoreDB operator regenerates the spec.

bonesmoses added the enhancement label Sep 4, 2024
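A sketch of the translation the issue describes, added here as an example; it is not code from the issue or from the CoreDB operator. The `address` key, the `hostssl` connection type, the `scram-sha-256` default, the accepted auth methods and the rejection of wildcard addresses are assumptions; the issue itself only specifies that missing metadata means `all`.

```python
import ipaddress
import re

# Assumptions (not in the issue): an entry is a bare address string or a mapping
# with an "address" key; rules are emitted as hostssl; default auth is SCRAM.
DEFAULT_METHOD = "scram-sha-256"
ALLOWED_METHODS = {"scram-sha-256", "cert"}
# pg_hba treats these words in the address column as wildcards, not hostnames.
ADDRESS_KEYWORDS = {"all", "samehost", "samenet"}
# Letters, digits, "_", "-", "." only: no whitespace, quotes or newlines.
SAFE_TOKEN = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]*")

def normalize_address(addr):
    """Return a CIDR with host bits cleared, or a validated hostname."""
    try:
        # strict=False maps 155.149.232.44/24 to 155.149.232.0/24; a bare IP
        # becomes a single-host /32 or /128.
        net = ipaddress.ip_network(addr, strict=False)
    except ValueError:
        ok = SAFE_TOKEN.fullmatch(addr) and addr.lower() not in ADDRESS_KEYWORDS
        if not ok:
            raise ValueError(f"invalid address: {addr!r}")
        return addr
    if net.prefixlen == 0:
        raise ValueError("a /0 range allows every client")
    return str(net)

def to_pg_hba(entries):
    """Translate ext_hba_list entries into pg_hba rule strings."""
    rules = []
    for entry in entries:
        if isinstance(entry, str):
            entry = {"address": entry}
        address = normalize_address(entry["address"])
        user = entry.get("user", "all")      # the issue: no metadata means "all"
        dbname = entry.get("dbname", "all")
        method = entry.get("type", DEFAULT_METHOD)
        if method not in ALLOWED_METHODS:
            raise ValueError(f"unsupported auth method: {method!r}")
        if not (SAFE_TOKEN.fullmatch(user) and SAFE_TOKEN.fullmatch(dbname)):
            raise ValueError(f"invalid user or dbname in {entry!r}")
        rules.append(f"hostssl {dbname} {user} {address} {method}")
    return rules

# The two entries from the issue, rewritten in the assumed shape.
SAMPLE = ["155.149.232.44/24",
          {"address": "my_host.mydomain.tld", "user": "rep_user",
           "dbname": "replication", "type": "cert"}]
```

`to_pg_hba(SAMPLE)` returns a list of strings, which is the form the `pg_hba` section of a CloudNativePG cluster spec takes.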