fix: CORS headers on /lnd-connect-info for cross-origin LND UI fetch

The LND UI runs on port 8081 (separate nginx container) but fetches
/lnd-connect-info from port 80. This is cross-origin, so browsers
block reading the response without CORS headers. Added dynamic
Access-Control-Allow-Origin from $http_origin.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

image-recipe/configs/nginx-archipelago.conf

@@ -154,11 +154,13 @@ server {
 
     location /lnd-connect-info {
         # Backend is localhost-only (127.0.0.1:5678) — no cookie gate needed
-        # LND UI iframe fetch can't reliably send cookies in all browsers
+        # CORS: LND UI runs on :8081 (cross-origin to :80), needs CORS headers
         proxy_pass http://127.0.0.1:5678/lnd-connect-info;
         proxy_http_version 1.1;
         proxy_set_header Host $host;
         proxy_set_header Cookie $http_cookie;
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Credentials "true" always;
     }
 
     # Content sharing — peer access over Tor (no auth)
@@ -808,11 +810,13 @@ server {
 
     location /lnd-connect-info {
         # Backend is localhost-only (127.0.0.1:5678) — no cookie gate needed
-        # LND UI iframe fetch can't reliably send cookies in all browsers
+        # CORS: LND UI runs on :8081 (cross-origin to :80), needs CORS headers
         proxy_pass http://127.0.0.1:5678/lnd-connect-info;
         proxy_http_version 1.1;
         proxy_set_header Host $host;
         proxy_set_header Cookie $http_cookie;
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Credentials "true" always;
     }
 
     # Content sharing — peer access over Tor (no auth)