feat: add Docker secrets support for sensitive env vars

[rafaelfariasbsb]

Summary

• Add _FILE suffix convention for sensitive environment variables (GLPI_DB_PASSWORD_FILE, GLPI_DB_USER_FILE, etc.)
• Auto-detect secrets from /run/secrets/ (Docker Swarm, Kubernetes, Podman)
• Fallback to standard environment variables for backward compatibility
• Error handling for conflicts (both VAR and VAR_FILE set) and missing files

Follows the standard pattern used by official Docker images (MySQL, MariaDB, PostgreSQL), as discussed in #194.

Changes

File	Description
glpi/files/opt/glpi/entrypoint/load-secrets.sh	New script with file_env() function for secret resolution
glpi/files/opt/glpi/entrypoint.sh	Source load-secrets.sh before other entrypoint scripts
README.md	Documentation with examples for Docker Compose and Docker Swarm

Resolution order

1. VAR_FILE — reads content from the file path specified
2. /run/secrets/VAR — auto-detection of Docker Swarm / Kubernetes / Podman secrets
3. VAR — standard environment variable (existing behavior, no breaking change)

Test plan

• Env var fallback works (existing behavior preserved)
• _FILE variable reads content from file and unsets _FILE var
• Conflict detection: error when both VAR and VAR_FILE are set
• Missing file detection: error with clear message when file doesn't exist
• Docker image builds successfully

Closes #194

🤖 Generated with Claude Code

[froozeify]

I think docker-compose could also have secrets.
So the section Example with Docker Swarm is a bit misleading,
We could propose both, and I'd say even more the swarm one should be the first proposed as it's cleaner.

In the example we could also explain various secrets possible settings like :

...
secrets:
  # Various secret source is possible
  db_password: 
    file: ./db_password.txt # From a file
    # environment: DB_PWD # From an env var
    # external: true # External secret