fix(topology): remove DMZ gateway auto-attach on LAN create

POST /topologies/{id}/lans previously called _auto_attach_gateway()
whenever a non-DMZ LAN was created, which wired the DMZ gateway decky
to every new subnet. That's why a deployed gateway ended up with
eth0..ethN on every LAN regardless of what the user drew in MazeNET.

Drop the auto-attach helper entirely. The DMZ_ORPHAN deploy-time
validator (decnet/topology/validate.py:65-110) stays strict — users
must explicitly wire the gateway to each subnet they want bridged,
which is the whole point of having a topology editor.

useMazeApi.ts: drop stale auto-bridge reference from comment.

decnet_web/src/components/MazeNET/useMazeApi.ts

@@ -89,9 +89,8 @@ export function adaptTopology(detail: TopologyDetail): HydratedTopology {
 
   // Home LAN = first edge; a multi-homed gateway is drawn inside its
   // home LAN, membership in others is expressed via the edge list.
-  // Gateways (forwards_l3) MUST render inside a DMZ — auto-bridge adds
-  // subnet edges after the original DMZ edge, but edge ordering from the
-  // backend is not guaranteed, so we pick DMZ explicitly for gateways.
+  // Gateways (forwards_l3) MUST render inside a DMZ — edge ordering from
+  // the backend is not guaranteed, so we pick the DMZ edge explicitly.
   const dmzIds = new Set(detail.lans.filter((l) => l.is_dmz).map((l) => l.id));
   const gatewayUuids = new Set(
     detail.edges.filter((e) => e.forwards_l3).map((e) => e.decky_uuid),