docs: rewrite README with structured overview and quick start guide

Replaces the minimal project description with a comprehensive README
including a component overview table, quick start instructions, common
Ansible operations, and links to detailed documentation. Aligns with
Red Panda Approval™ standards.

ansible/adduser_harper.yml

@@ -0,0 +1,63 @@
+---
+# Create Harper User Account
+# Creates the harper user on all ubuntu hosts and deploys SSH authorized keys
+#
+# Usage:
+#   ansible-playbook adduser_harper.yml
+#
+# Target specific host:
+#   ansible-playbook adduser_harper.yml --limit ariel.incus
+
+- name: Create Harper User Account
+  hosts: ubuntu
+  become: true
+
+  vars:
+    harper_user:
+      name: harper
+      comment: "Harper - Autonomous Agent"
+      shell: /bin/bash
+      groups:
+        - sudo
+
+  tasks:
+    - name: Create harper user account
+      ansible.builtin.user:
+        name: "{{ harper_user.name }}"
+        comment: "{{ harper_user.comment }}"
+        shell: "{{ harper_user.shell }}"
+        groups: "{{ harper_user.groups }}"
+        append: true
+        create_home: true
+        state: present
+
+    - name: Ensure .ssh directory exists for harper
+      ansible.builtin.file:
+        path: "/home/{{ harper_user.name }}/.ssh"
+        state: directory
+        mode: '0700'
+        owner: "{{ harper_user.name }}"
+        group: "{{ harper_user.name }}"
+
+    - name: Get harper keys from ssh_authorized_users
+      ansible.builtin.set_fact:
+        harper_keys: "{{ ssh_authorized_users | selectattr('name', 'equalto', 'harper') | map(attribute='keys') | first | default([]) }}"
+
+    - name: Deploy authorized keys for harper
+      ansible.posix.authorized_key:
+        user: "{{ harper_user.name }}"
+        key: "{{ item }}"
+        state: present
+        exclusive: false
+      loop: "{{ harper_keys }}"
+      loop_control:
+        label: "{{ item | truncate(50) }}"
+      when: harper_keys | length > 0
+
+    - name: Configure passwordless sudo for harper
+      ansible.builtin.lineinfile:
+        path: /etc/sudoers.d/harper
+        line: "harper ALL=(ALL) NOPASSWD:ALL"
+        create: true
+        mode: '0440'
+        validate: "visudo -cf %s"