docs(chore): Shift pro/con lists to top of each tab

Additionally make them collapsible but expanded by default (`???+`)

docs/content/config/advanced/kubernetes.md

@@ -348,6 +348,13 @@ The major problem with exposing DMS to the outside world in Kubernetes is to [pr
 
 === "Load-Balancer + Public IP"
 
+    ???+ abstract "Advantages / Disadvantages"
+
+        - [x] Simple
+        - [ ] Requires the node to have a dedicated, publicly routable IP address
+        - [ ] Limited to a single node (_associated to the dedicated IP address_)
+        - [ ] Requires configuring a load balancer
+
     **General**
 
     !!! info
@@ -401,14 +408,14 @@ The major problem with exposing DMS to the outside world in Kubernetes is to [pr
       ipAddressPools: [ mailserver ]
     ```
 
-    !!! abstract "Advantages / Disadvantages"
+=== "External-IP Service"
+
+    ???+ abstract "Advantages / Disadvantages"
 
         - [x] Simple
         - [ ] Requires the node to have a dedicated, publicly routable IP address
         - [ ] Limited to a single node (_associated to the dedicated IP address_)
-        - [ ] Requires configuring a load balancer
+        - [ ] Requires manually setting the IP
-
-=== "External-IP Service"
 
     **General**
 
@@ -448,21 +455,20 @@ The major problem with exposing DMS to the outside world in Kubernetes is to [pr
         - 10.20.30.40
     ```
 
-    !!! abstract "Advantages / Disadvantages"
+=== "Host network"
+
+    ???+ abstract "Advantages / Disadvantages"
 
         - [x] Simple
         - [ ] Requires the node to have a dedicated, publicly routable IP address
         - [ ] Limited to a single node (_associated to the dedicated IP address_)
-        - [ ] Requires manually setting the IP
+        - [ ] It is not possible to access DMS via other cluster nodes, only via the node that DMS was deployed on
-
+        - [ ] Every port within the container is exposed on the host side
-=== "Host network"
 
     **General**
 
     Using `hostPort` and `hostNetwork: true` is a similar approach to [`network_mode: host` with Docker Compose][docker-docs::compose::network_mode].
 
-[docker-docs::compose::network_mode]: https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode
-
     **Example**
 
     ```yaml
@@ -496,16 +502,19 @@ The major problem with exposing DMS to the outside world in Kubernetes is to [pr
             #  ...
     ```
 
-    !!! abstract "Advantages / Disadvantages"
-
-        - [x] Simple
-        - [ ] Requires the node to have a dedicated, publicly routable IP address
-        - [ ] Limited to a single node (_associated to the dedicated IP address_)
-        - [ ] It is not possible to access DMS via other cluster nodes, only via the node that DMS was deployed on
-        - [ ] Every port within the container is exposed on the host side
-
 === "Using the PROXY Protocol"
 
+    ???+ abstract "Advantages / Disadvantages"
+
+        - [x] Preserves the origin IP address of clients (_which is crucial for DNS related checks_)
+        - [x] Aligns with a best practice for Kubernetes by using a dedicated ingress, routing external traffic to the k8s cluster (_with the benefits of flexible routing rules_)
+        - [x] Avoids the restraint of a single [node][Kubernetes-nodes] (_as a workaround to preserve the original client IP_)
+        - [ ] Introduces complexity by requiring:
+            - A reverse-proxy / ingress controller (_potentially extra setup_)
+            - Kubernetes manifest changes for the DMS configured `Service`
+            - DMS configuration changes for Postfix and Dovecot
+        - [ ] To keep support for direct connections to DMS services internally within cluster, service ports must be "duplicated" to offer an alternative port for connections using PROXY protocol
+
     !!! question "What is the PROXY protocol?"
 
         PROXY protocol is a network protocol for preserving a client’s IP address when the client’s TCP connection passes through a proxy.
@@ -522,17 +531,6 @@ The major problem with exposing DMS to the outside world in Kubernetes is to [pr
 
         For more information on the PROXY protocol, refer to [our dedicated docs page][docs-mailserver-behind-proxy] on the topic.
 
-    !!! abstract "Advantages / Disadvantages"
-
-        - [x] Preserves the origin IP address of clients (_which is crucial for DNS related checks_)
-        - [x] Aligns with a best practice for Kubernetes by using a dedicated ingress, routing external traffic to the k8s cluster (_with the benefits of flexible routing rules_)
-        - [x] Avoids the restraint of a single [node][Kubernetes-nodes] (_as a workaround to preserve the original client IP_)
-        - [ ] Introduces complexity by requiring:
-            - A reverse-proxy / ingress controller (_potentially extra setup_)
-            - Kubernetes manifest changes for the DMS configured `Service`
-            - DMS configuration changes for Postfix and Dovecot
-        - [ ] To keep support for direct connections to DMS services internally within cluster, service ports must be "duplicated" to offer an alternative port for connections using PROXY protocol
-
     **Examples**
 
     A complete configuration, with duplicated ports, can be found down below in the "Traefik" section. The Postfx and Dovecot configuration is identical for other proxies (like NGINX).
@@ -756,6 +754,7 @@ The major problem with exposing DMS to the outside world in Kubernetes is to [pr
 [docs-dovecot]: ./override-defaults/dovecot.md
 [docs-postfix]: ./override-defaults/postfix.md
 [docs-mailserver-behind-proxy]: ../../examples/tutorials/mailserver-behind-proxy.md
+[docker-docs::compose::network_mode]: https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode
 [dockerhub-haproxy]: https://hub.docker.com/_/haproxy
 [Kubernetes-nginx]: https://kubernetes.github.io/ingress-nginx
 [Kubernetes-nginx-expose]: https://kubernetes.github.io/ingress-nginx/user-guide/exposing-tcp-udp-services