Add per-service customization, stealth hardening, and BYOS support

- HTTP: configurable server_header, response_code, fake_app presets
  (apache/nginx/wordpress/phpmyadmin/iis), extra_headers, custom_body,
  static files directory mount
- SSH/Cowrie: configurable kernel_version, hardware_platform, ssh_banner,
  and users/passwords via COWRIE_USERDB_ENTRIES; switched to build mode
  so cowrie.cfg.j2 persona fields and userdb.txt generation work
- SMTP: configurable banner and MTA hostname
- MySQL: configurable version string in protocol greeting
- Redis: configurable redis_version and os string in INFO response
- BYOS: [custom-*] INI sections define bring-your-own Docker services
- Stealth: rename all *_honeypot.py → server.py; replace HONEYPOT_NAME
  env var with NODE_NAME across all 22+ service templates and plugins;
  strip "honeypot" from all in-container file content
- Config: DeckyConfig.service_config dict; INI [decky-N.svc] subsections;
  composer passes service_cfg to compose_fragment
- 350 tests passing (100%)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

templates/cowrie/entrypoint.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 set -e
 
-# Render Jinja2 template using the venv's python (has jinja2)
+# Render Jinja2 config template
 /home/cowrie/cowrie-env/bin/python3 - <<'EOF'
 import os
 from jinja2 import Template
@@ -15,4 +15,19 @@ with open("/home/cowrie/cowrie-env/etc/cowrie.cfg", "w") as f:
     f.write(rendered)
 EOF
 
+# Write userdb.txt if custom users were provided
+# Format: COWRIE_USERDB_ENTRIES=root:toor,admin:admin123
+if [ -n "${COWRIE_USERDB_ENTRIES}" ]; then
+    USERDB="/home/cowrie/cowrie-env/etc/userdb.txt"
+    : > "$USERDB"
+    IFS=',' read -ra PAIRS <<< "${COWRIE_USERDB_ENTRIES}"
+    for pair in "${PAIRS[@]}"; do
+        user="${pair%%:*}"
+        pass="${pair#*:}"
+        uid=1000
+        [ "$user" = "root" ] && uid=0
+        echo "${user}:${uid}:${pass}" >> "$USERDB"
+    done
+fi
+
 exec authbind --deep /home/cowrie/cowrie-env/bin/twistd -n --pidfile= cowrie