Refactor security configuration: Remove external CrowdSec mode support

- Updated SecurityConfig model to only support 'local' or 'disabled' modes for CrowdSec.
- Modified related logic in the manager and services to reject external mode.
- Adjusted tests to validate the new restrictions on CrowdSec modes.
- Updated frontend components to remove references to external mode and provide appropriate user feedback.
- Enhanced documentation to reflect the removal of external CrowdSec mode support.

frontend/src/pages/Security.tsx

@@ -184,11 +184,6 @@ export default function Security() {
                 disabled={!status.cerberus?.enabled}
                 onChange={(e) => {
                   console.log('crowdsec onChange', e.target.checked)
-                  // pre-validate if enabling external CrowdSec without API URL
-                  if (e.target.checked && status.crowdsec?.mode === 'external') {
-                      toast.error('External CrowdSec mode is not supported in this release')
-                      return
-                    }
                   toggleServiceMutation.mutate({ key: 'security.crowdsec.enabled', enabled: e.target.checked })
                 }}
                 data-testid="toggle-crowdsec"