Security hardening: Move creds to .env, enable stream logs, rate limits

docker-compose.yml

@@ -7,14 +7,14 @@ services:
     container_name: home-service-proxy
     restart: unless-stopped
     ports:
-      - "8097:80"   # 외부 접속용 포트 (8096과 구분)
-      - "8443:443"  # HTTPS
+      - "8097:80" # 외부 접속용 포트 (8096과 구분)
+      - "8443:443" # HTTPS
     volumes:
       - ./nginx-ssl.conf:/etc/nginx/nginx.conf:ro
       - ./security.conf:/etc/nginx/conf.d/security.conf:ro
       - ./fail2ban-log:/var/log/nginx
-      - ./ssl-certs:/etc/nginx/ssl:ro  # SSL 인증서 (선택)
-      - ./archive:/etc/nginx/ssl/archive:ro  # 시놀로지 와일드카드 인증서
+      - ./ssl-certs:/etc/nginx/ssl:ro # SSL 인증서 (선택)
+      - ./archive:/etc/nginx/ssl/archive:ro # 시놀로지 와일드카드 인증서
     networks:
       - home-service-proxy-net
 
@@ -37,14 +37,14 @@ services:
 
   # OmniFocus 전용 WebDAV 서버
   webdav:
-    image: hacdias/webdav:latest  # ARM64 지원
+    image: hacdias/webdav:latest # ARM64 지원
     container_name: omnifocus-webdav
     restart: unless-stopped
     ports:
-      - "8090:80"  # 내부 WebDAV 포트
+      - "8090:80" # 내부 WebDAV 포트
     environment:
-      - WEBDAV_USERNAME=omnifocus
-      - WEBDAV_PASSWORD=7mK9pL3xR8nQ2wE
+      - WEBDAV_USERNAME=${WEBDAV_USERNAME}
+      - WEBDAV_PASSWORD=${WEBDAV_PASSWORD}
       - TZ=Asia/Seoul
     volumes:
       - ./omnifocus-data:/srv
@@ -54,7 +54,3 @@ services:
 networks:
   home-service-proxy-net:
     driver: bridge
-
-
-
-