cli
Add --enable-admin and --acme flags for the `step ca init` command.
This will allow users to set up API mgmt for provisioners, and unblock users in environments where the ca.json is not easily accessible.
The --enable-admin flag would create the first provisioner and admin (this code already exists, just behind a boolean). The --acme flag would create an ACME provisioner.
Related: https://github.com/smallstep/certificates/issues/737
The ACME user flag would be particularly useful. In addition to adding it to the CLI, it should probably be exposed as an option for the docker image via the entrypoint.sh script, so that we could set an environment variable (e.g. `DOCKER_STEPCA_INIT_ACME_USER=true`) in the container config to have a fully compliant ACME server on startup.
As a workaround for now, I use a modified version of the entrypoint to get the CA to be ready to go for ACME requests on startup/creation by updating the `step_ca_init` function to call `step ca provisioner add acme --type ACME` before finishing up, but it'd be nice to get back to just launching the image as is from Docker Hub.
```bash
# Initialize a CA if not already initialized
# (generate_password and PWDPATH are defined elsewhere in entrypoint.sh)
function step_ca_init () {
    local -a setup_args=(
        --name "${DOCKER_STEPCA_INIT_NAME}"
        --dns "${DOCKER_STEPCA_INIT_DNS_NAMES}"
        --provisioner "${DOCKER_STEPCA_INIT_PROVISIONER_NAME:-admin}"
        --password-file "${STEPPATH}/password"
        --address ":9000"
    )
    if [ -n "${DOCKER_STEPCA_INIT_PASSWORD}" ]; then
        echo "${DOCKER_STEPCA_INIT_PASSWORD}" > "${STEPPATH}/password"
    else
        generate_password > "${STEPPATH}/password"
    fi
    if [ -n "${DOCKER_STEPCA_INIT_SSH}" ]; then
        setup_args=("${setup_args[@]}" --ssh)
    fi
    step ca init "${setup_args[@]}"
    # Workaround: register an ACME provisioner right after init
    # https://smallstep.com/docs/step-ca/acme-basics#configure-step-ca-for-acme
    step ca provisioner add acme --type ACME
    # Move the password file out of the way once the CA is initialized
    mv "${STEPPATH}/password" "${PWDPATH}"
}
```
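The comment above proposes gating the ACME provisioner on an environment variable rather than adding it unconditionally. The function below is an added example written for this thread, not the smallstep entrypoint.sh: it makes the init step idempotent (skips when `config/ca.json` already exists), accepts the ACME opt-in only for explicit true values, writes the password file with owner-only permissions, and builds the `step ca init` argument list in POSIX sh without arrays. `DOCKER_STEPCA_INIT_ACME` and `STEP_BIN` are assumed names chosen for this example; `STEP_BIN` exists so the flow can be exercised with a stand-in command when no real `step` binary is on PATH.

```shell
#!/bin/sh
# Added example (not the smallstep entrypoint.sh). Assumed names:
#   DOCKER_STEPCA_INIT_ACME  - set to true/yes/1 to add an ACME provisioner
#   STEP_BIN                 - command used for `step`, overridable for testing

STEP_BIN="${STEP_BIN:-step}"

# Accept true/yes/1 in any case; anything else (including unset) is false,
# so a stray value such as "0" or "off" never enables a provisioner.
is_true() {
  case "$(printf '%s' "${1:-}" | tr '[:upper:]' '[:lower:]')" in
    true|yes|1) return 0 ;;
    *)          return 1 ;;
  esac
}

acme_requested() { is_true "${DOCKER_STEPCA_INIT_ACME:-}"; }

# Random password for the CA keys when the operator did not supply one.
generate_password() {
  LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 40
}

# Initialise the CA once. Returns 0 if the CA is (now) initialised,
# 2 if required settings are missing.
step_ca_init() {
  : "${STEPPATH:?STEPPATH must be set}"
  if [ -f "${STEPPATH}/config/ca.json" ]; then
    echo "step-ca already initialised at ${STEPPATH}, skipping init"
    return 0
  fi
  if [ -z "${DOCKER_STEPCA_INIT_NAME:-}" ] || [ -z "${DOCKER_STEPCA_INIT_DNS_NAMES:-}" ]; then
    echo "DOCKER_STEPCA_INIT_NAME and DOCKER_STEPCA_INIT_DNS_NAMES are required" >&2
    return 2
  fi

  # The password file is a secret: create it owner-only before writing.
  mkdir -p "${STEPPATH}/secrets"
  (
    umask 077
    if [ -n "${DOCKER_STEPCA_INIT_PASSWORD:-}" ]; then
      printf '%s\n' "${DOCKER_STEPCA_INIT_PASSWORD}" > "${STEPPATH}/password"
    else
      generate_password > "${STEPPATH}/password"
    fi
  )

  # Build the `step ca init` argument list in the positional parameters
  # (POSIX sh has no arrays); optional flags are appended conditionally.
  set -- --name "${DOCKER_STEPCA_INIT_NAME}" \
         --dns "${DOCKER_STEPCA_INIT_DNS_NAMES}" \
         --provisioner "${DOCKER_STEPCA_INIT_PROVISIONER_NAME:-admin}" \
         --password-file "${STEPPATH}/password" \
         --address ":9000"
  if is_true "${DOCKER_STEPCA_INIT_SSH:-}"; then
    set -- "$@" --ssh
  fi
  "$STEP_BIN" ca init "$@"

  # The ACME provisioner is opt-in; the name "acme" follows the docs page
  # linked in the comment above.
  if acme_requested; then
    "$STEP_BIN" ca provisioner add acme --type ACME
  fi

  # Keep the password alongside the other CA secrets once init is done.
  mv "${STEPPATH}/password" "${STEPPATH}/secrets/password"
}
```

In a container this is called from the entrypoint before `exec step-ca`; because it returns early when `ca.json` exists, restarting a container with a persistent `STEPPATH` volume neither re-initialises the CA nor adds a second provisioner.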