docs: Phase 7 — update docs to reflect optional services migration

Email, calendar, and files are now optional store services, not always-on
builtins. Updated README, QUICKSTART, Wiki, and service-developer-guide to
reflect: dynamic nav, optional service install flow, correct egress
identifiers (wireguard_ext/default vs wireguard/cell_internet), removed
builtin/store distinction from manifest reference, 7 core containers.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

README.md

@@ -16,15 +16,11 @@ Browser
                     ├── cell-dhcp         :67/udp        dnsmasq
                     ├── cell-ntp          :123/udp       chrony
                     ├── cell-wireguard    :51820/udp     WireGuard VPN
-                    ├── cell-mail         :25/:587/:993  Postfix + Dovecot
-                    ├── cell-radicale     127.0.0.1:5232 CalDAV/CardDAV
-                    ├── cell-webdav       127.0.0.1:8080 WebDAV
-                    ├── cell-rainloop     127.0.0.1:8888 Webmail (RainLoop)
-                    ├── cell-filegator    127.0.0.1:8082 File manager (Filegator)
                     └── cell-webui        :8081          React UI (Nginx)
+                    (+ per-service containers, started when a service is installed)
 ```
 
-All containers run on a custom Docker bridge network (`cell-network`, default subnet `172.20.0.0/16`). Static IPs per container are set in `docker-compose.yml` and can be overridden via `.env`.
+Core containers run on a Docker bridge network (`cell-network`, default subnet `172.20.0.0/16`). Static IPs per container are set in `docker-compose.yml` and can be overridden via `.env`. Installed service containers join the same network with their own compose projects managed by `ServiceComposer`.
 
 The Flask API (`api/app.py`) contains REST endpoints and a background health-monitoring thread. Service managers are instantiated as singletons in `api/managers.py`. The single source of truth for runtime configuration is `config/api/cell_config.json`, managed by `ConfigManager`.
 
@@ -46,9 +42,9 @@ The React frontend (`webui/`) is built with Vite + Tailwind CSS. All API calls g
 - **Cell-to-cell networking** — WireGuard-based site-to-site links between PIC cells with service-level access control (calendar, files, mail, WebDAV) and a peer-sync protocol.
 - **Certificate authority** — `vault_manager` issues and revokes TLS certificates for internal services.
 - **Network services** — CoreDNS (`.cell` TLD), dnsmasq DHCP, chrony NTP.
-- **Email** — Postfix + Dovecot via `docker-mailserver`.
-- **Calendar/contacts** — Radicale CalDAV/CardDAV.
-- **File storage** — WebDAV with per-user accounts; Filegator for browser-based file management.
+- **Email** _(optional, install via Service Store)_ — Postfix + Dovecot via `docker-mailserver`.
+- **Calendar/contacts** _(optional, install via Service Store)_ — Radicale CalDAV/CardDAV.
+- **File storage** _(optional, install via Service Store)_ — WebDAV with per-user accounts; Filegator for browser-based file management.
 - **Container manager** — start/stop/inspect containers, pull images, manage volumes via the Docker SDK.
 - **Firewall manager** — iptables rule management (`firewall_manager.py`).
 - **Structured logging** — JSON logs with rotation (5 MB / 5 backups per service), log search, and per-service verbosity control.
@@ -61,7 +57,7 @@ The React frontend (`webui/`) is built with Vite + Tailwind CSS. All API calls g
 - Docker Engine and Docker Compose (v2 plugin or v1 standalone)
 - Python 3.10+ (for `make setup` and local development; not needed at runtime)
 - 2 GB+ RAM, 10 GB+ disk
-- Ports available: 53, 67/udp, 80, 443, 51820/udp, 25, 587, 993
+- Ports available: 53, 67/udp, 80, 443, 51820/udp (plus 25, 587, 993 when the email service is installed)
 
 ---
 
@@ -87,22 +83,13 @@ Port assignments and container IPs are configured in `.env` in the project root.
 | Variable | Default | Description |
 |---|---|---|
 | `CELL_NETWORK` | `172.20.0.0/16` | Docker bridge subnet |
-| `CADDY_IP` through `FILEGATOR_IP` | `172.20.0.2`–`.13` | Static IP per container |
+| `CADDY_IP` through `WG_IP` | `172.20.0.2`–`.9` | Static IP per core container |
 | `DNS_PORT` | `53` | DNS (UDP + TCP) |
 | `DHCP_PORT` | `67` | DHCP (UDP) |
 | `NTP_PORT` | `123` | NTP (UDP) |
 | `WG_PORT` | `51820` | WireGuard listen port (UDP) |
 | `API_PORT` | `3000` | Flask API (127.0.0.1 only) |
 | `WEBUI_PORT` | `8081` | React UI |
-| `MAIL_SMTP_PORT` | `25` | SMTP |
-| `MAIL_SUBMISSION_PORT` | `587` | SMTP submission |
-| `MAIL_IMAP_PORT` | `993` | IMAP |
-| `RADICALE_PORT` | `5232` | CalDAV (127.0.0.1 only) |
-| `WEBDAV_PORT` | `8080` | WebDAV (127.0.0.1 only) |
-| `RAINLOOP_PORT` | `8888` | Webmail |
-| `FILEGATOR_PORT` | `8082` | File manager UI |
-| `WEBDAV_USER` | `admin` | WebDAV basic-auth username |
-| `WEBDAV_PASS` | _(unset)_ | WebDAV basic-auth password |
 | `FLASK_DEBUG` | _(unset)_ | Set to `1` for Flask debug mode; do not use in production |
 | `PUID` / `PGID` | current user | UID/GID passed to the WireGuard container |
 
@@ -116,18 +103,14 @@ Cell identity (cell name, domain mode, timezone) is set through the first-run wi
 
 - `80` / `443` — Caddy (HTTP/HTTPS reverse proxy)
 - `51820/udp` — WireGuard
-- `25` / `587` / `993` — mail
 - `53` — DNS
 - `67/udp` — DHCP
 - `8081` — Web UI
+- `25` / `587` / `993` — mail _(only when the email service is installed)_
 
 **Ports bound to `127.0.0.1` only:**
 
 - `3000` — Flask API
-- `5232` — Radicale (CalDAV)
-- `8080` — WebDAV
-- `8888` — Webmail
-- `8082` — Filegator
 
 The API uses session-based authentication (admin and peer roles). The Docker socket is mounted into `cell-api`; treat access to port 3000 as equivalent to root access on the host.