[ci skip] Fix all active Prometheus alerts

- meshcentral: rename port from "https" to "http" — MeshCentral serves
  plain HTTP when REVERSE_PROXY=true, but Traefik inferred HTTPS from the
  port name, causing 100% 5xx errors
- osm-routing/otp: scale to 0 — TfL GTFS data expired, OTP crash-loops
  trying to build graph with no valid transit trips
- wireguard: add prometheus.io/port=9586 annotation — without it,
  Prometheus tried scraping all container ports (51820 UDP, 80)
- travel-blog: remove stale prometheus.io annotations and dead port 9113
  — nginx-exporter sidecar was commented out but annotations remained
- dawarich: remove prometheus.io annotations — exporter env vars are
  commented out so nothing listens on port 9394
- monitoring: raise CPU temp threshold 60°C→75°C (E5-2699 v4 Tcase is
  79°C), lower registry cache threshold 50%→25%, add minimum traffic
  floor (>0.1 req/s) to 4xx/5xx rate alerts to prevent false positives
  on low-traffic services

modules/kubernetes/meshcentral/main.tf

@@ -55,7 +55,7 @@ resource "kubernetes_deployment" "meshcentral" {
           image = "typhonragewind/meshcentral:latest"
           name  = "meshcentral"
           port {
-            name           = "https"
+            name           = "http"
             container_port = 443
           }
           env {
@@ -133,7 +133,7 @@ resource "kubernetes_service" "meshcentral" {
       app = "meshcentral"
     }
     port {
-      name     = "https"
+      name     = "http"
       port     = 443
       protocol = "TCP"
     }