loki-ca: Add cert-manager issuer for Loki CA

The Loki CA is used to issue client certificates for Grafana Loki.  This
_cert-manager_ ClusterIssuer will allow applications running in
Kubernetes (e.g. Grafana) to request a Certificate that they can use to
access the Loki HTTP API.

loki-ca/openssl.cnf

@@ -0,0 +1,17 @@
+[req]
+distinguished_name = root_ca_dn
+prompt = no
+default_md = sha512
+x509_extensions = root_ca
+string_mask = utf8only
+
+[root_ca_dn]
+countryName = US
+organizationName = Dustin C. Hatch
+organizationalUnitName = Loki
+commonName = Loki CA
+
+[root_ca]
+subjectKeyIdentifier = hash
+basicConstraints = critical,CA:true,pathlen:0
+keyUsage = cRLSign, keyCertSign