Phase 2 Step 6: Docker & Deployment Configuration

Implement production-ready Docker deployment with comprehensive configuration
and documentation for SneakyScanner web application.

Changes:
- Update docker-compose-web.yml with production configuration
  - Add scheduler environment variables (SCHEDULER_EXECUTORS, SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES)
  - Enable privileged mode and host networking for scanner operations
  - Configure health check endpoint monitoring (30s interval, 40s start period)
  - Set production defaults (FLASK_ENV=production, FLASK_DEBUG=false)
  - Add SNEAKYSCANNER_ENCRYPTION_KEY support

- Create .env.example configuration template
  - Flask, database, and security settings
  - Scheduler configuration options
  - Detailed comments with key generation examples
  - Production deployment guidance

- Create comprehensive deployment documentation (docs/ai/DEPLOYMENT.md)
  - Quick start guide and prerequisites
  - Detailed configuration instructions
  - Volume management and backup procedures
  - Health monitoring and troubleshooting
  - Security considerations and best practices
  - Upgrade/rollback and backup/restore procedures

- Update PHASE2.md progress tracker
  - Mark Step 6 as complete
  - Update progress to 11/14 days (79%)
  - Document deliverables and implementation details

Deployment is now production-ready with proper security defaults, health
monitoring, and comprehensive documentation for system administrators.

.env.example

@@ -0,0 +1,64 @@
+# SneakyScanner Environment Configuration
+# Copy this file to .env and customize for your environment
+
+# ================================
+# Flask Configuration
+# ================================
+# Environment: production, development, or testing
+FLASK_ENV=production
+# Enable debug mode (NEVER use true in production!)
+FLASK_DEBUG=false
+# Host to bind to (0.0.0.0 for all interfaces)
+FLASK_HOST=0.0.0.0
+# Port to listen on
+FLASK_PORT=5000
+
+# ================================
+# Database Configuration
+# ================================
+# SQLite database path (absolute path recommended)
+DATABASE_URL=sqlite:////app/data/sneakyscanner.db
+
+# ================================
+# Security Settings
+# ================================
+# SECRET_KEY: Used for Flask session management and CSRF protection
+# IMPORTANT: Change this to a random string in production!
+# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
+SECRET_KEY=your-secret-key-here-change-in-production
+
+# SNEAKYSCANNER_ENCRYPTION_KEY: Used for encrypting sensitive settings in database
+# IMPORTANT: Change this to a random string in production!
+# Generate with: python3 -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
+SNEAKYSCANNER_ENCRYPTION_KEY=your-encryption-key-here
+
+# ================================
+# CORS Configuration
+# ================================
+# Comma-separated list of allowed origins for CORS
+# Use * to allow all origins (not recommended for production)
+CORS_ORIGINS=*
+
+# ================================
+# Logging Configuration
+# ================================
+# Log level: DEBUG, INFO, WARNING, ERROR, CRITICAL
+LOG_LEVEL=INFO
+
+# ================================
+# Scheduler Configuration
+# ================================
+# Number of thread pool executors for background scan jobs
+# Recommended: 2-4 for most deployments
+SCHEDULER_EXECUTORS=2
+
+# Maximum number of concurrent instances of the same job
+# Recommended: 3 for typical usage
+SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES=3
+
+# ================================
+# Optional: Application Password
+# ================================
+# If you want to set the application password via environment variable
+# Otherwise, set it via init_db.py --password
+# APP_PASSWORD=your-password-here