fix pull-through cache: remove maxsize, harden nginx caching [ci skip]

Root cause: storage.filesystem.maxsize (5GiB) caused Docker Registry to
delete blob data while keeping metadata. Registry then served 200 OK with
correct Content-Length but 0 bytes body. nginx cached these broken responses.

Fixes:
- Remove maxsize from dockerhub/ghcr proxy configs (rely on weekly GC)
- nginx: don't cache 206 responses, require 2 requests before caching
- Wiped corrupted cache on registry VM and fixed corrupted pause container
  blobs on node3/node4

modules/docker-registry/config-proxy.yaml.tpl

@@ -7,7 +7,6 @@ storage:
     blobdescriptor: inmemory
   filesystem:
     rootdirectory: /var/lib/registry
-    maxsize: 5GiB
   delete:
     enabled: true
   maintenance:

modules/docker-registry/config.yaml

@@ -7,7 +7,6 @@ storage:
     blobdescriptor: inmemory
   filesystem:
     rootdirectory: /var/lib/registry
-    maxsize: 5GiB
   delete:
     enabled: true
   maintenance:

modules/docker-registry/nginx_registry.conf

@@ -60,7 +60,8 @@ http {
             proxy_cache_lock_timeout 15m;
             proxy_cache_lock_age 15m;
             proxy_cache_use_stale updating;
-            proxy_cache_valid 200 206 24h;
+            proxy_cache_valid 200 24h;
+            proxy_cache_min_uses 2;
             proxy_cache_methods GET;
 
             proxy_read_timeout 900;
@@ -108,7 +109,8 @@ http {
             proxy_cache_lock_timeout 15m;
             proxy_cache_lock_age 15m;
             proxy_cache_use_stale updating;
-            proxy_cache_valid 200 206 24h;
+            proxy_cache_valid 200 24h;
+            proxy_cache_min_uses 2;
             proxy_cache_methods GET;
 
             proxy_read_timeout 900;