feat: Rebrand to License Authority with Govt of Goa branding

- Replace TLAS with License Authority throughout documentation
- Add Government of Goa emblem/logo (Ashoka Chakra style)
- Update frontend branding to match documentation
- Add configurable Swagger API link via VITE_API_BASE_URL env var
- Fix Docker build for VitePress (git dependency, .dockerignore)
- Fix helmet security headers for HTTP deployments
- Add CORS support for VM deployment

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

backend/src/main.ts

@@ -23,8 +23,17 @@ async function bootstrap(): Promise<void> {
   const corsOrigin = configService.get<string>('app.corsOrigin', 'http://localhost:3000');
   const swaggerEnabled = configService.get<boolean>('app.swaggerEnabled', true);
 
-  // Security middleware
-  app.use(helmet());
+  // Security middleware - configure helmet based on environment
+  const isProduction = configService.get<string>('NODE_ENV') === 'production';
+  const useHttps = configService.get<boolean>('app.useHttps', false);
+
+  app.use(helmet({
+    contentSecurityPolicy: isProduction ? undefined : false,
+    crossOriginEmbedderPolicy: false,
+    crossOriginOpenerPolicy: false,
+    crossOriginResourcePolicy: false,
+    hsts: useHttps, // Only enable HSTS when using HTTPS
+  }));
   app.use(compression());
 
   // CORS configuration - Allow configured origin plus local development origins
@@ -33,6 +42,8 @@ async function bootstrap(): Promise<void> {
     'http://localhost:4200',
     'http://localhost:3000',
     'http://localhost:8080',
+    'http://104.211.94.205:3001',
+    'http://104.211.94.205',
   ].filter(Boolean);
   app.enableCors({
     origin: (origin, callback) => {