feat: add git.skudak.com Gitea instance and skudak domain migrations

Gitea Skudak (git.skudak.com):
- New Gitea instance with PostgreSQL in podman pod under git user
- SSH access via Gitea's built-in SSH server on port 2222
- Registration restricted to @skudak.com emails with email confirmation
- SMTP configured for email delivery

Domain migrations:
- wiki.skudakrennsport.com → wiki.skudak.com (302 redirect)
- cloud.skudakrennsport.com + cloud.skudak.com (dual-domain serving)
- BookStack APP_URL updated to wiki.skudak.com
- Nextcloud trusted_domains updated for cloud.skudak.com

Infrastructure:
- SELinux context for git user container storage (container_file_t)
- Firewall rule for port 2222/tcp (Gitea Skudak SSH)
- Caddy reverse proxy for git.skudak.com

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

ansible/roles/podman/defaults/main.yml

@@ -89,6 +89,11 @@ parts_server_name_io: parts.debyl.io
 photos_server_name_io: photos.debyl.io
 gitea_debyl_server_name: git.debyl.io
 
+# skudak.com domains (migration from skudakrennsport.com)
+bookstack_server_name_new: wiki.skudak.com
+cloud_skudak_server_name_new: cloud.skudak.com
+gitea_skudak_server_name: git.skudak.com
+
 # Legacy nginx/ModSecurity configuration removed - Caddy provides built-in security
 
 # Web server configuration (Caddy is the default)
@@ -144,6 +149,7 @@ caddy_log_names:
   - cloud
   - cloud-skudak
   - gitea-debyl
+  - gitea-skudak
   - fulfillr
 
 # GeoIP configuration for Graylog