Domain whitelist cleanup and fixes

Fixed issue #965

PostgreSQL updates/inserts ignored None/null values.
This is nice for new entries, but not for updates.
Added derive option to allways add these none/null values for Option<>
variables.

This solves issue #965

Warn on empty `ADMIN_TOKEN` instead of bailing out

The admin page will still be disabled.

Fixes #849.

Make web vault show a more informative error when browsers block WebCrypto in insecure contexts and update dependencies

This closes a loophole where org owners can invite new users from any domain.

* Make `SIGNUPS_DOMAINS_WHITELIST` override the `SIGNUPS_ALLOWED` setting.
  Otherwise, a common pitfall is to set `SIGNUPS_DOMAINS_WHITELIST` without
  realizing that `SIGNUPS_ALLOWED=false` must also be set.

* Whitespace is now accepted in `SIGNUPS_DOMAINS_WHITELIST`. That is,
  `foo.com, bar.com` is now equivalent to `foo.com,bar.com`.

* Add validation on `SIGNUPS_DOMAINS_WHITELIST`. For example, `foo.com,`
  is rejected as containing an empty token.

Fix Duo auth failure with non-lowercased email addresses

Fix attachment size limit calculation

The config values (in KB) need to be converted to bytes when comparing
against total attachment sizes.

Rebuild Dockerfiles to match latest Dockerfile.j2 template

Fix WebSocket notifications

Picks up a couple of missed changes from b837348b and ccf6ee79.

Ignore a missing `id` query param; it's unclear what this ID represents,
but it wasn't being used in the existing bitwarden_rs code, and no longer
seems to be sent in the latest versions of the official clients.

Healthcheck fixes/optimizations

* Switch healthcheck interval/timeout from 30s/3s to 60s/10s.
  30s interval is arguably overkill, and 3s timeout is definitely too short
  for lower end machines.
* Use HEALTHCHECK CMD exec form to avoid superfluous `sh` invocations.
* Add `--silent --show-error` flags to curl call to avoid progress meter being
  shown in healthcheck logs.

Update healthcheck script to handle alternate base dir

Handle `devicePushToken`

Mobile push isn't currently supported, but this should get rid of spurious
`Detected unexpected parameter during login: devicepushtoken` warnings.

Also renamed GIT_VERSION because that's not the only source anymore.

Fixed issue #908

The organization uuid is most of the time within the uri path as a
parameter. But sometimes it only is there as a query value.

This fix checks both, and returns the uuid when possible.

Sometimes an org-uuid is not within the path but in a query value,
This fixes the check for that.

Revert "Use opportunistic TLS in SMTP connections"

Fixing issue #759 by disabling Foreign Key Checks.

During migrations some queries are out of order regarding to foreign
keys.
Because of this the migrations fail when the sql database has this
enforced by default.
Turning of this check during the migrations will fix this and this is
only per session.

Fix alpine build with openssl crate as default

Upgrade rocket