fix: change gateway backend URLs from service name to host.docker.internal

Update gateway configuration to use host.docker.internal instead of backend service name for API communication. Add extra_hosts mapping in docker-compose to enable host.docker.internal resolution. Add NEXAVPN_BACKEND_HOST environment variable to .env.example with host.docker.internal default.

deploy/docker-compose.yml

@@ -69,12 +69,14 @@ services:
       - SYS_MODULE
     devices:
       - /dev/net/tun:/dev/net/tun
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
     environment:
       GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
       NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-}
       NEXAVPN_GATEWAY_NAME: ${NEXAVPN_GATEWAY_NAME:-primary-gateway}
-      NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://backend:8080/api/v1/gateway-agent}
-      NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://backend:8080/api/v1/gateway-agent/bootstrap}
+      NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://host.docker.internal:8080/api/v1/gateway-agent}
+      NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://host.docker.internal:8080/api/v1/gateway-agent/bootstrap}
       DEFAULT_GATEWAY_ENDPOINT: ${DEFAULT_GATEWAY_ENDPOINT:-localhost:51820}
       DEFAULT_VPN_CIDR: ${DEFAULT_VPN_CIDR:-100.96.0.0/24}
       NEXAVPN_API_TOKEN: ${NEXAVPN_API_TOKEN:-}
@@ -82,7 +84,7 @@ services:
       NEXAVPN_GATEWAY_INTERFACE: ${NEXAVPN_GATEWAY_INTERFACE:-wg0}
       NEXAVPN_UPLINK_INTERFACE: ${NEXAVPN_UPLINK_INTERFACE:-eth0}
       NEXAVPN_ENABLE_MASQUERADE: ${NEXAVPN_ENABLE_MASQUERADE:-true}
-      NEXAVPN_BACKEND_HOST: ${NEXAVPN_BACKEND_HOST:-backend}
+      NEXAVPN_BACKEND_HOST: ${NEXAVPN_BACKEND_HOST:-host.docker.internal}
     volumes:
       - ./scripts/gateway-entrypoint.sh:/scripts/gateway-entrypoint.sh:ro
       - gateway-state:/var/lib/nexavpn