fix(helm): address CodeRabbit review findings

NOTES.txt:
- Detect ingress scheme dynamically (http/https based on .Values.ingress.tls)
- Include first path in ingress URL output
- Use .Values.service.port in port-forward example instead of hardcoded 80
- Add -n {{ .Release.Namespace }} to all kubectl commands

postiz-config.yaml:
- Merge temporal enabled/external branches: external address now also emits
  TEMPORAL_NAMESPACE and TEMPORAL_TLS, not just TEMPORAL_ADDRESS

temporal-init-job.yaml:
- Use .Values.temporal.postgresql.seeds as PGHOST source (with fallback to
  bitnami sub-chart service name) so init job and runtime use the same host
- Switch to quoted heredoc (<<-'SQL') + psql --set to pass credentials as
  psql variables, preventing shell expansion from breaking on special chars

temporal-secret.yaml:
- Add required validation: temporal.postgresql.password must be set explicitly
  when temporal.enabled=true

values.yaml:
- Remove hardcoded default passwords (postgresPassword, temporal.postgresql.password),
  replacing them with empty strings to avoid predictable default credentials

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-17 08:37:05 +02:00
parent 98231d5eaf
commit 92ceb76f23
5 changed files with 22 additions and 22 deletions
+12 -10
@@ -32,7 +32,7 @@ spec:
done
env:
- name: PGHOST
value: {{ printf "%s-postgresql" .Release.Name | quote }}
value: {{ default (printf "%s-postgresql" .Release.Name) .Values.temporal.postgresql.seeds | splitList "," | first | quote }}
containers:
- name: create-temporal-user
image: postgres:16-alpine
@@ -41,23 +41,25 @@ spec:
- -c
- |
export PGPASSWORD="$POSTGRES_PASSWORD"
psql -h "$PGHOST" -U postgres <<-SQL
DO \$\$ BEGIN
IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = '$TEMPORAL_USER') THEN
psql -h "$PGHOST" -U postgres \
--set=temporal_user="$TEMPORAL_USER" \
--set=temporal_pwd="$TEMPORAL_PWD" <<-'SQL'
DO $$ BEGIN
IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = :'temporal_user') THEN
EXECUTE format(
'CREATE ROLE %I WITH LOGIN PASSWORD %L CREATEDB',
'$TEMPORAL_USER',
'$TEMPORAL_PWD'
:'temporal_user',
:'temporal_pwd'
);
RAISE NOTICE 'Role $TEMPORAL_USER created.';
RAISE NOTICE 'Role created.';
ELSE
RAISE NOTICE 'Role $TEMPORAL_USER already exists, skipping.';
RAISE NOTICE 'Role already exists, skipping.';
END IF;
END \$\$;
END $$;
SQL
env:
- name: PGHOST
value: {{ printf "%s-postgresql" .Release.Name | quote }}
value: {{ default (printf "%s-postgresql" .Release.Name) .Values.temporal.postgresql.seeds | splitList "," | first | quote }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
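Review bot: The `:'temporal_user'` and `:'temporal_pwd'` references in the new heredoc sit inside the `DO $$ … $$` body, and psql does not interpolate variables inside quoted or dollar-quoted strings, so they reach the server verbatim and the block fails to parse instead of creating the role. Because psql reads this script from stdin without `ON_ERROR_STOP`, that failure most likely still exits 0 and the job reports success with no role created. Moving the statement out of the dollar-quoted block keeps the quoting benefit: `SELECT format('CREATE ROLE %I WITH LOGIN PASSWORD %L CREATEDB', :'temporal_user', :'temporal_pwd') WHERE NOT EXISTS (SELECT FROM pg_roles WHERE rolname = :'temporal_user') \gexec`, with `-v ON_ERROR_STOP=1` added to the psql call. Separately, `--set=temporal_pwd="$TEMPORAL_PWD"` puts the password on the psql command line, where it is readable from the process list inside the container; since the value is presumably already in the container environment, `\getenv temporal_pwd TEMPORAL_PWD` at the top of the script (psql 15+, which the `postgres:16-alpine` image satisfies) avoids that.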