feat: initial T-Pot attack map with Spanish UI and Docker support

- Full Spanish interface (all UI text, popups, charts, tables)
- Dark and light mode support
- Disclaimer banner: no data logged, public European service
- Footer: Servicio ofrecido por Cloud Host (cloudhost.es)
- Docker: single container (Redis + DataServer + AttackMapServer)
- Remote T-Pot support via ELASTICSEARCH_URL env var (direct or SSH tunnel)
- Based on telekom-security/t-pot-attack-map (Apache 2.0)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -0,0 +1,27 @@
+services:
+  attackmap:
+    build: .
+    image: honeypot-es-attackmap:latest
+    container_name: honeypot-attackmap
+    restart: unless-stopped
+    ports:
+      - "${WEB_PORT:-8080}:8080"
+    environment:
+      # URL to remote T-Pot Elasticsearch
+      # Option 1: Direct (if ES is reachable from this host)
+      #   ELASTICSEARCH_URL=http://your-tpot-host:64298
+      # Option 2: Via SSH tunnel (run tunnel separately, see README)
+      #   ELASTICSEARCH_URL=http://host.docker.internal:64298
+      - ELASTICSEARCH_URL=${ELASTICSEARCH_URL:-http://localhost:9200}
+      - REDIS_HOST=localhost
+      - WEB_PORT=8080
+      - TPOT_ATTACKMAP_TEXT=${TPOT_ATTACKMAP_TEXT:-ENABLED}
+    extra_hosts:
+      # Allows container to reach the Docker host (for SSH tunnel scenario)
+      - "host.docker.internal:host-gateway"
+    healthcheck:
+      test: ["CMD", "python3", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8080')"]
+      interval: 30s
+      timeout: 10s
+      start_period: 30s
+      retries: 3