This data will be used to generate authentication artifacts for users outside
the team.

This enables users in the _data/private/hub/guest_users.yml list to access the
Hub.

Authenication includes are generated, but do not link to any pages. On top of
being a nice touch, they're necessary to avoid breaking the Server Side
Include directive in _layouts/bare.html, since there's no means of checking
the existence of an included file in SSI itself. We could write a small CGI
process to check this and generate the authentication include on the fly, but
that defeats the purpose of keeping the Hub otherwise all-static.

After digging deeper into the origin of $REMOTE_USER at Aidan Feldman's
request in #3, I realized that the user's entire email address was
available to nginx's Server Side Include module via the embedded
$http_x_forwarded_email variable, set by ngx_http_core_module:

http://nginx.org/en/docs/http/ngx_http_core_module.html#var_http_

Using this to create each directory under _site/auth seems preferable to
$REMOTE_USER, since having the domain name available as part of the generated
directory name may help to avoid conflicts, should we ever wish to grant
access to users from other domains.