Update docker-compose files to use configurable environment variables

- Replace hardcoded paths with variables: STACKS_DIR, PROJECTS_DIR, MEDIA_DIR, DOWNLOAD_DIR
- Update .env.example with new variable definitions
- Remove unused .template files
- Enable configurable directory paths for stacks, media, and downloads

docker-compose/infrastructure/docker-compose.yml

@@ -8,12 +8,6 @@
 services:
   dockerproxy:
     # Docker socket proxy for security - provides safe Docker API access, must always run
-    # REQUIREMENTS FOR SABLIER INTEGRATION:
-    # 1. Docker daemon must be configured to listen on TCP port 2375 (not just unix socket)
-    # 2. Firewall must allow access to port 2375 from Sablier service
-    # 3. Docker daemon config should include: 'hosts': ['tcp://0.0.0.0:2375', 'unix:///var/run/docker.sock']
-    # 4. For security, consider restricting access to specific IP ranges or using TLS
-    # 5. dockerproxy runs for additional security but doesn't expose port 2375 (handled by Docker daemon)
     image: tecnativa/docker-socket-proxy:latest
     container_name: dockerproxy
     privileged: true
@@ -36,7 +30,6 @@ services:
       - homelab.category=infrastructure
       - homelab.description=Docker socket proxy for security
 
-
   # Watchtower - Automatic container updates
   watchtower:
     image: containrrr/watchtower:latest
@@ -171,12 +164,12 @@ services:
       - '8079:8443'
     volumes:
       - ./code-server/config:/config
-      - /opt/stacks:/opt/stacks  # Access to all stacks
+      - ${STACKS_DIR}:${STACKS_DIR}  # Access to all stacks
       - /mnt:/mnt:ro  # Read-only access to data
     environment:
       - PUID=1000
       - PGID=1000
-      - TZ=America/New_York
+      - TZ=${TZ}
       - PASSWORD=${CODE_SERVER_PASSWORD}
       - SUDO_PASSWORD=${CODE_SERVER_SUDO_PASSWORD}
     healthcheck: