Migrate from file-based configs to database with per-IP site configuration

Major architectural changes:
   - Replace YAML config files with database-stored ScanConfig model
   - Remove CIDR block support in favor of individual IP addresses per site
   - Each IP now has its own expected_ping, expected_tcp_ports, expected_udp_ports
   - AlertRule now uses config_id FK instead of config_file string

   API changes:
   - POST /api/scans now requires config_id instead of config_file
   - Alert rules API uses config_id with validation
   - All config dropdowns fetch from /api/configs dynamically

   Template updates:
   - scans.html, dashboard.html, alert_rules.html load configs via API
   - Display format: Config Title (X sites) in dropdowns
   - Removed Jinja2 config_files loops

   Migrations:
   - 008: Expand CIDRs to individual IPs with per-IP port configs
   - 009: Remove CIDR-related columns
   - 010: Add config_id to alert_rules, remove config_file

app/web/api/scans.py

@@ -129,7 +129,7 @@ def trigger_scan():
     Trigger a new scan.
 
     Request body:
-        config_file: Path to YAML config file
+        config_id: Database config ID (required)
 
     Returns:
         JSON response with scan_id and status
@@ -137,25 +137,35 @@ def trigger_scan():
     try:
         # Get request data
         data = request.get_json() or {}
-        config_file = data.get('config_file')
+        config_id = data.get('config_id')
 
         # Validate required fields
-        if not config_file:
-            logger.warning("Scan trigger request missing config_file")
+        if not config_id:
+            logger.warning("Scan trigger request missing config_id")
             return jsonify({
                 'error': 'Invalid request',
-                'message': 'config_file is required'
+                'message': 'config_id is required'
+            }), 400
+
+        # Validate config_id is an integer
+        try:
+            config_id = int(config_id)
+        except (TypeError, ValueError):
+            logger.warning(f"Invalid config_id type: {config_id}")
+            return jsonify({
+                'error': 'Invalid request',
+                'message': 'config_id must be an integer'
             }), 400
 
         # Trigger scan via service
         scan_service = ScanService(current_app.db_session)
         scan_id = scan_service.trigger_scan(
-            config_file=config_file,
+            config_id=config_id,
             triggered_by='api',
             scheduler=current_app.scheduler
         )
 
-        logger.info(f"Scan {scan_id} triggered via API: config={config_file}")
+        logger.info(f"Scan {scan_id} triggered via API: config_id={config_id}")
 
         return jsonify({
             'scan_id': scan_id,
@@ -164,10 +174,10 @@ def trigger_scan():
         }), 201
 
     except ValueError as e:
-        # Config file validation error
+        # Config validation error
         error_message = str(e)
-        logger.warning(f"Invalid config file: {error_message}")
-        logger.warning(f"Request data: config_file='{config_file}'")
+        logger.warning(f"Invalid config: {error_message}")
+        logger.warning(f"Request data: config_id='{config_id}'")
         return jsonify({
             'error': 'Invalid request',
             'message': error_message