deploy: build locale immagine + allineamento Traefik

- build: . invece di pull da registry (non disponibile su VPS)
- certresolver: mytlschallenge (già configurato in Traefik)
- redirect HTTP→HTTPS gestito dall'entrypoint web globale

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

docker-compose.yml

@@ -2,13 +2,14 @@
 # Assume che Traefik sia già attivo sulla VPS con:
 #   - network esterna "traefik" (adatta nome se diverso)
 #   - entrypoint "websecure" su :443
-#   - certresolver "letsencrypt" configurato
+#   - certresolver "mytlschallenge" configurato
 #
 # Adattare eventualmente: nome network, entrypoint, certresolver.
 
 services:
   pm2d:
-    image: ${REGISTRY:-localhost:5000}/pm2d:${TAG:-latest}
+    build: .
+    image: pm2d:latest
     container_name: pm2d
     restart: unless-stopped
     environment:
@@ -27,19 +28,13 @@ services:
       - "traefik.http.routers.pm2d.rule=Host(`pm.tielogic.xyz`)"
       - "traefik.http.routers.pm2d.entrypoints=websecure"
       - "traefik.http.routers.pm2d.tls=true"
-      - "traefik.http.routers.pm2d.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.pm2d.tls.certresolver=mytlschallenge"
       - "traefik.http.services.pm2d.loadbalancer.server.port=${PORT:-8080}"
 
       # Middleware: upload fino a 50MB (default Traefik bufferizza a 4MB)
       - "traefik.http.middlewares.pm2d-bodysize.buffering.maxRequestBodyBytes=52428800"
       - "traefik.http.routers.pm2d.middlewares=pm2d-bodysize"
-
-      # Redirect HTTP → HTTPS
-      - "traefik.http.routers.pm2d-http.rule=Host(`pm.tielogic.xyz`)"
-      - "traefik.http.routers.pm2d-http.entrypoints=web"
-      - "traefik.http.routers.pm2d-http.middlewares=pm2d-redirect-https"
-      - "traefik.http.middlewares.pm2d-redirect-https.redirectscheme.scheme=https"
-      - "traefik.http.middlewares.pm2d-redirect-https.redirectscheme.permanent=true"
+      # Redirect HTTP → HTTPS è gestito globalmente dall'entrypoint `web` di Traefik
 
 networks:
   traefik: