chore: reduce polling log noise across backend and nginx (#336)

.env.example

@@ -11,10 +11,18 @@ PGID=1000
 
 PORT=3000
 CORS_ORIGINS=http://localhost:4174
-LOG_LEVEL=info
+LOG_LEVEL=warn
 # Levels: debug, info, warn, error, silent
 # Controls: backend Fastify logging, frontend nginx access logs (Docker),
 #           and frontend browser console (via build-time injection)
+#
+# Behavior per level:
+#   debug  — all app logs + all HTTP request logs (including polling endpoints)
+#   info   — all app logs + HTTP request logs, EXCEPT high-frequency polling
+#            (GET /doses/taken, GET /share/:token/doses, GET /health are hidden)
+#   warn   — only warnings and errors
+#   error  — only errors
+#   silent — no logs
 
 # Rate limit: max requests per minute per IP (default: 100)
 # Increase for development/testing environments
@@ -32,6 +40,9 @@ AUTH_ENABLED=false
 # Allow new user registrations (auto-enabled when no users exist)
 # REGISTRATION_ENABLED=false
 
+# Disable username/password form login (useful for OIDC-only setups)
+# FORM_LOGIN_ENABLED=true
+
 # JWT Secrets - REQUIRED when AUTH_ENABLED=true
 # Generate with: openssl rand -hex 32
 # JWT_SECRET=