Fix issues 3,5,6,7,8,9,11,15,16: security hardening and reliability improvements

- ansible.cfg: enable host_key_checking (closes #1)
- update_upgrade.yml: fix reboot crash on non-Debian hosts, exclude AnsibleHost from targets (closes #2, #7)
- deploy.yml: replace silent ignore_errors with real container health assertion (closes #3)
- redeploy.yml: same assertion fix + restic --overwrite always + RESTIC_RESTORE_PATH variable (closes #3, #4, #5)
- disaster.yml: same fixes as redeploy.yml (closes #3, #4, #5)
- docker_update_containers.yml: create missing playbook (closes #6)
- fresh_install.yml: add safety guard to abort if containers already running (closes #8)
- docker_status.yml: add become: true (closes #9)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

playbooks/update_upgrade.yml

@@ -1,5 +1,5 @@
 ---
-- hosts: all
+- hosts: "all:!AnsibleHost"
   gather_facts: true
 
   tasks:
@@ -19,7 +19,7 @@
 
     - name: Reboot the server (if required).
       ansible.builtin.reboot:
-      when: reboot_required_file.stat.exists == true 
+      when: reboot_required_file is defined and reboot_required_file.stat.exists
 
     - name: "Updating and Upgrading Yum Packages"
       yum:
@@ -42,7 +42,7 @@
         category_names: '*'
         reboot: true
       when: ansible_os_family == "Windows"
-    
+
     - name: Upgrade installed packages
       win_chocolatey:
         name: all