feat: configure Caddy for ss3k.schaunwama.de via PHP-FPM Unix socket

Replaces TCP app:9000 with a shared Unix socket volume, adds domain
with automatic Let's Encrypt TLS, and exposes ports 80/443 on Caddy.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -8,6 +8,7 @@ services:
       HOME: /tmp
     volumes:
       - .:/var/www
+      - php_socket:/var/run/php
     depends_on:
       postgres:
         condition: service_healthy
@@ -17,10 +18,14 @@ services:
 
   caddy:
     image: caddy:2-alpine
+    ports:
+      - "80:80"
+      - "443:443"
     volumes:
       - ./docker/caddy/Caddyfile:/etc/caddy/Caddyfile
       - .:/var/www
       - caddy_data:/data
+      - php_socket:/var/run/php
     depends_on:
       - app
 
@@ -117,3 +122,12 @@ volumes:
   postgres_data:
   redis_data:
   caddy_data:
+  php_socket:
+
+networks:
+  default:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.18.0.0/24
+          gateway: 172.18.0.1

docker/app/Dockerfile

@@ -17,3 +17,4 @@ COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
 WORKDIR /var/www
 
 COPY docker/app/php.ini /usr/local/etc/php/conf.d/app.ini
+COPY docker/app/www.conf /usr/local/etc/php/php-fpm.d/www.conf

docker/app/www.conf

@@ -0,0 +1,3 @@
+[www]
+listen = /var/run/php/php-fpm.sock
+listen.mode = 0660

docker/caddy/Caddyfile

@@ -2,9 +2,9 @@
     admin off
 }
 
-:80 {
+ss3k.schaunwama.de {
     root * /var/www/public
-    php_fastcgi app:9000
+    php_fastcgi unix//var/run/php/php-fpm.sock
     file_server
     encode gzip