feat: multi-domain nginx configs and TLS scripts for мои-товары.рф / my-products.ru

- nginx/nginx.conf: pre-generated config for both domains (IDN punycode for .рф)
- scripts/generate-nginx-conf.sh: generates sites-available config from template per domain
- scripts/init-letsencrypt.sh: accepts domain as arg (falls back to .env)
- README.md: updated deploy section, removed stale VK_WEIGHT_PRICE_MULTIPLIER, added sync/logs routes

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

README.md

@@ -101,7 +101,8 @@ run_sync_pipeline (beat entry)
   - **Create** (`allow_to_sell=true`, no `vk_product_id` yet): uploads default photo once per run, calls `market.add`, assigns to album, stores returned `vk_product_id`
   - **Update** (has `vk_product_id`): calls `market.edit` only if name, price, description, or stock_amount changed vs the cached VK state
   - **Skip**: product disabled and never pushed, or nothing changed
-- Price for weight measures (`г`, `гр`, etc.) is multiplied by `VK_WEIGHT_PRICE_MULTIPLIER` before conversion to kopecks
+- Price is multiplied by the per-user `price_multiplier` from `sync_configs` (configurable on the `/sync` page)
+- Description is built as `"Name (цена за N unit.)"` when the product has a `measure_name`
 
 Per-user failures are logged and skipped — one broken token does not block other users.
 Evotor stores that return `402 Payment Required` (subscription limit) are silently skipped at debug log level.
@@ -180,6 +181,13 @@ Evotor stores that return `402 Payment Required` (subscription limit) are silent
 | POST   | `/catalog/stores/{id}/toggle`                     | Enable / disable store sync                |
 | POST   | `/catalog/stores/{id}/groups/{gid}/toggle`        | Enable / disable group sync                |
 
+### Sync Settings (requires session)
+
+| Method   | Path             | Description                                          |
+|----------|------------------|------------------------------------------------------|
+| GET      | `/sync`          | Sync settings: task on/off switches, price multiplier |
+| POST     | `/sync/settings` | Save sync settings                                   |
+
 ### VK Catalog (requires session)
 
 | Method | Path                                  | Description                        |
@@ -187,6 +195,12 @@ Evotor stores that return `402 Payment Required` (subscription limit) are silent
 | GET    | `/vk-catalog/albums`                  | VK Market albums (product groups)  |
 | GET    | `/vk-catalog/albums/{id}/products`    | Products in a VK album             |
 
+### Admin Logs (`/admin`, roles: admin / system)
+
+| Method | Path          | Description                                           |
+|--------|---------------|-------------------------------------------------------|
+| GET    | `/admin/logs` | API request/response log viewer with filters and pagination |
+
 ### API Docs
 
 | Path     | Description |
@@ -215,7 +229,6 @@ All settings are read from environment variables or a `.env` file:
 | `CATALOG_REFRESH_INTERVAL_SECONDS` | `3600`                              | Sync pipeline interval in seconds     |
 | `VK_CATEGORY_ID`                   | `40932`                             | VK Market category ID for all products |
 | `VK_STOCK_AMOUNT`                  | `1000`                              | Stock amount set for in-sale products  |
-| `VK_WEIGHT_PRICE_MULTIPLIER`       | `10`                                | Price multiplier for weight-unit products (г, гр, …) |
 | `INVITE_EXPIRE_HOURS`              | `48`                                | Invite link TTL in hours              |
 | `EMAIL_PROVIDER`                   | `console`                           | Email provider (console / smtp / …)   |
 | `SMS_PROVIDER`                     | `console`                           | SMS provider                          |
@@ -235,18 +248,28 @@ Flower (queue monitor) at `http://localhost:5555`.
 
 ### First deploy (TLS)
 
-```bash
-# 1. Generate nginx config from template
-DOMAIN=yourdomain.com envsubst '${DOMAIN}' < nginx/nginx.conf.template > nginx/nginx.conf
+Run once per domain (repeat for every domain pointing to this server):
 
-# 2. Obtain TLS certificate (reads DOMAIN from .env automatically)
-sudo ./scripts/init-letsencrypt.sh
+```bash
+# 1. Obtain TLS certificate
+sudo ./scripts/init-letsencrypt.sh my-products.ru
+sudo ./scripts/init-letsencrypt.sh мои-товары.рф
+
+# 2. Generate nginx site config and symlink it into sites-enabled
+sudo ./scripts/generate-nginx-conf.sh my-products.ru
+sudo ./scripts/generate-nginx-conf.sh мои-товары.рф
 
 # 3. Reload nginx
 sudo systemctl reload nginx
 ```
 
-To change the domain later, repeat all three steps with the new domain.
+`generate-nginx-conf.sh` expands `nginx/nginx.conf.template` with the given domain and writes the result to `/etc/nginx/sites-available/<domain>.conf`, then creates a symlink in `sites-enabled`.
+
+Set up auto-renewal (if not already configured by certbot):
+
+```
+0 3 * * * root certbot renew --quiet && systemctl reload nginx
+```
 
 ### Development