feat: refactor Dockerfile to multi-stage build with security improvements

- Refactored from single-stage to proper multi-stage build
- Added cache mount for npm (npx tailwindcss)
- Added non-root nginx user (nginx-user:1000)
- Added .dockerignore to exclude dev files
- Configured proper permissions for nginx directories and pid file
- Major improvements: smaller image, faster builds, better security

Co-Authored-By: Paperclip <noreply@paperclip.ing>

.dockerignore

@@ -0,0 +1,10 @@
+*.local
+.vscode
+.idea
+.DS_Store
+.env
+.env.*
+.git
+.gitignore
+README.md
+.github