[controller] publish safe config
Controller should publish at a well-known API endpoint a subset of the configuration which is not sensitive, which can be accessed without authorization (similar to the discovery doc). It should have the same shape as the full configuration, but only include whitelisted keys/sections.
Sections that should be public:
- "ExternalURL" for "Services"
- Logging (all)