docs(godoc): trim package doc.go to point at the docs site

[FumingPower3925]

Why

Celeris now has a full documentation website — https://goceleris.dev/docs — which is the single source of truth for long-form guides, tutorials, and runnable examples.

The package-level doc.go files had independently grown into a ~4,000-line parallel copy of that same material (the root doc.go alone was 624 lines with ~30 tutorial sections). That's a duplicated maintenance surface: it drifts out of date, and several files already contradicted the real API (stale Config defaults, deprecated helpers presented as current, broken godoc symbol links, etc.).

What this does

Trims every package doc.go down to tight, accurate, IDE-facing godoc:

• a one-line package summary,
• a concise orientation to the key exported symbols (this is what IDEs surface on hover/autocomplete),
• at most a minimal example,
• a # Documentation section linking the matching page on the site.

Symbol-level godoc on declarations (the comments on each exported type/func/method in the other .go files) is left completely untouched — IDE hover and go doc <symbol> are unaffected.

Scope & numbers

• 51 files changed, comment-only — git diff --name-only is 100% doc.go.
• 50 doc.go trimmed, 4 already-minimal left as-is.
• net −3,110 lines (+942 / −4,052).
• gofmt -l, go build ./..., and go vet ./... all clean. No functional changes.

Stale facts corrected while trimming

The trim pass also fixed inaccuracies caught against the real source, e.g.:

• root: wrong Config timeout defaults (claimed "300s read/write"), Logger default listed as nil (really slog.Default()).
• basicauth: SHA-256 HashPassword is deprecated and HashedUsersFunc is mandatory (old doc implied otherwise).
• bodylimit: defaults are MiB, not MB.
• probe: Detect()→Probe(), Capabilities→engine.CapabilityProfile.
• resource: WorkloadHintLow/High→WorkloadLowConcurrency/HighConcurrency.
• session: broken [MemoryStore] link → [NewMemoryStore].
• ratelimit/recovery/requestid/store: added real exported symbols that were missing; removed broken links to unexported identifiers.
• static/postgres/rewrite: removed stale "limitation" claims that the current implementation no longer has.

Each link target was validated against a real page under the docs site.

Review notes

• Best reviewed file-by-file; the diff is large but mechanical (deletions of duplicated prose + a docs link).
• Internal/test packages (internal/, driver/internal/, test/) were only touched where a doc link was broken or a fact was stale.

[FumingPower3925]

Follow-up commit a44c4e7 adds two fixes surfaced by a docs usability audit (18 simulated new users building from the docs, then fact-checked against the real API):

• jwt sentinels now satisfy errors.Is(err, celeris.ErrUnauthorized) — ErrTokenMissing/ErrTokenInvalid/ErrJWTExpired/ErrJWTMalformed chain to celeris.ErrUnauthorized via an unexported cause, so mixed jwt+keyauth+basicauth stacks match every 401 with one check (the contract documented on ErrUnauthorized). The surfaced HTTPError.Error() text is unchanged; a regression test (unauthorized_match_test.go) locks both the matching and the message text.
• Server.Collector() godoc corrected — the collector is built eagerly in New() and is non-nil before Start (nil only when Config.DisableMetrics), matching New()'s own godoc.

gofmt, go build ./..., go vet ./... clean; jwt, keyauth, basicauth, and root suites pass.