Add multi-worker detection for APScheduler safety

- Add _check_single_worker_mode() to startup.py that detects and rejects
  multi-worker configurations, raising a clear RuntimeError with instructions
- Set BANGUI_WORKERS=1 as default in Dockerfile.backend
- Document single-worker requirement in compose.prod.yml
- Add 'Deployment Constraints' section to Architekture.md explaining why
  single-worker mode is required and detailing future multi-worker support
- Add '9.1 Background Tasks and Scheduler Architecture' section to
  Backend-Development.md documenting task structure and single-worker requirement
- Add comprehensive test suite (test_startup.py) covering all scenarios:
  allows single worker, rejects multi-worker, validates config format,
  and verifies informative error messages

This fix addresses TASK-002 which identified that in-process APScheduler is
unsafe in multi-worker deployments due to each worker creating independent
scheduler instances, causing duplicate background job execution.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Docker/Dockerfile.backend

@@ -56,7 +56,8 @@ VOLUME ["/data"]
 # Default environment values (override at runtime)
 ENV BANGUI_DATABASE_PATH="/data/bangui.db" \
     BANGUI_FAIL2BAN_SOCKET="/var/run/fail2ban/fail2ban.sock" \
-    BANGUI_LOG_LEVEL="info"
+    BANGUI_LOG_LEVEL="info" \
+    BANGUI_WORKERS="1"
 
 EXPOSE 8000
 

Docker/compose.prod.yml

@@ -58,6 +58,7 @@ services:
       BANGUI_FAIL2BAN_SOCKET: "/var/run/fail2ban/fail2ban.sock"
       BANGUI_FAIL2BAN_CONFIG_DIR: "/config/fail2ban"
       BANGUI_LOG_LEVEL: "info"
+      BANGUI_WORKERS: "1"  # APScheduler requires single worker — do not change
       BANGUI_SESSION_SECRET: "${BANGUI_SESSION_SECRET:?Set BANGUI_SESSION_SECRET}"
       BANGUI_TIMEZONE: "${BANGUI_TIMEZONE:-UTC}"
     volumes: