Add backend runtime config validation #150

Open: TommoHCIO wants to merge 1 commit into Zyntarivoid:main from TommoHCIO:backend-runtime-config-17

@TommoHCIO

Summary

Closes #17.

Centralizes backend runtime configuration so the NestJS app validates configuration at startup, exposes typed injectable access for services, and avoids logging sensitive values.

Changes

  • Added validateEnvironment fail-fast validation for:
    • PORT, throttling numbers, and indexer polling ranges
    • Stellar Horizon/Soroban RPC URLs
    • Stellar network passphrase and indexer contract settings
    • JWT secret length and production-only explicit secret requirement
  • Added RuntimeConfigModule / RuntimeConfigService with typed getters for app, auth, Stellar, throttling, and indexer configuration.
  • Replaced hardcoded SUPER_SECRET JWT setup with JwtModule.registerAsync using the typed runtime config.
  • Moved app port selection and Stellar client URL wiring to the typed runtime config service.
  • Added redaction helper and tests so sensitive config (JWT_SECRET, secret keys, tokens, passwords, API keys, etc.) is not exposed in safe config snapshots.
  • Updated Horizon/Soroban tests to assert use of the typed runtime config service.

Verification

From veilend-backend:

npm install --package-lock=false
# added 786 packages, and audited 787 packages
# 30 vulnerabilities (21 moderate, 9 high) reported by npm audit

npm test -- --runInBand
# Test Suites: 6 passed, 6 total
# Tests: 35 passed, 35 total

npm run build
# nest build completed successfully

git diff --check
# exit_code 0, no output

Notes

  • No secrets are committed or printed. The development/test JWT fallback is non-production only; production requires an explicit non-default JWT_SECRET.
  • This PR keeps the existing package lock unchanged by using npm install --package-lock=false for local verification only.
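
Added example, not code from this PR: a sketch of the fail-fast validation and redaction behaviour the description lists. `validateEnvironment`, `PORT` and `JWT_SECRET` are names from the description; the function signature, the `STELLAR_HORIZON_URL` key, the 32-character minimum, the fallback string and `redactConfig` are assumptions made for illustration.

```typescript
// Illustration only. Key names other than PORT and JWT_SECRET, the 32-char
// minimum and the dev fallback value are assumptions, not the PR's values.
type Env = Record<string, string | undefined>;

interface RuntimeConfig {
  port: number;
  horizonUrl: string;
  jwtSecret: string;
}

const DEV_JWT_FALLBACK = 'dev-only-secret-do-not-use-in-production'; // constructed
const SENSITIVE_KEY = /secret|token|password|api[_-]?key|private/i;

function validateEnvironment(env: Env): RuntimeConfig {
  const errors: string[] = [];
  const production = env.NODE_ENV === 'production';

  const portRaw = env.PORT ?? '3000';
  const port = Number(portRaw);
  if (!/^\d+$/.test(portRaw) || port < 1 || port > 65535) {
    errors.push('PORT must be an integer in 1-65535');
  }

  const horizonUrl = env.STELLAR_HORIZON_URL ?? '';
  try {
    const scheme = new URL(horizonUrl).protocol;
    if (scheme !== 'https:' && scheme !== 'http:') {
      errors.push('STELLAR_HORIZON_URL must use http or https');
    }
  } catch {
    errors.push('STELLAR_HORIZON_URL is not a valid URL');
  }

  // The fallback is only reachable outside production.
  const jwtSecret = env.JWT_SECRET ?? (production ? '' : DEV_JWT_FALLBACK);
  if (production && (jwtSecret === '' || jwtSecret === DEV_JWT_FALLBACK)) {
    errors.push('JWT_SECRET must be set explicitly in production');
  } else if (jwtSecret.length < 32) {
    errors.push('JWT_SECRET must be at least 32 characters');
  }

  // Report key names and rules only; never echo the offending values.
  if (errors.length > 0) throw new Error('Invalid configuration: ' + errors.join('; '));
  return { port, horizonUrl, jwtSecret };
}

// Snapshot that is safe to log: values under sensitive-looking keys are masked.
function redactConfig(config: object): Record<string, unknown> {
  const out: Record<string, unknown> = {};
  for (const [key, value] of Object.entries(config)) {
    out[key] = SENSITIVE_KEY.test(key) ? '[REDACTED]' : value;
  }
  return out;
}
```

Collecting every failure before throwing gives one startup error listing all misconfigured keys, and the message carries rule text only, so a rejected secret never reaches the logs.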


Development

Successfully merging this pull request may close these issues.

Add environment validation and runtime config management
