Add ping and TCP monitor types

Adds ping and TCP monitor creation APIs, worker collectors, network checks UI, dashboard monitor status support, and progress documentation.

docs/agent-handoff.md

@@ -30,6 +30,7 @@ OrbitalWard is a secure monitoring appliance focused on the v0.1 vertical slice:
 - Website monitor create/edit/delete flow.
 - HTTP status and expected-text checks.
 - Optional TLS certificate expiry checks for HTTPS monitors.
+- Ping and TCP port monitor create/edit/delete flow.
 - Alert rules, incident opening/resolution, acknowledge, silence, and webhook notifications.
 - Generic webhook, Mattermost, and Zoom Team Chat notification channels.
 - Saved webhook URLs encrypted at rest and not returned to the UI.
@@ -43,6 +44,8 @@ After the rename and TLS expiry work, these checks passed in Docker:
 - `docker compose -f docker-compose.dev.yml exec -T frontend npm run typecheck`
 - `docker compose -f docker-compose.dev.yml exec -T worker python -m compileall app`
 - Backend health returned `{"status":"ok","service":"orbitalward-backend"}`.
+- Direct worker probes for TCP and ICMP ping checks passed inside the Docker network.
+- API probe created and deleted one ping monitor and one TCP monitor successfully.
 
 The final Compose project uses `orbitalward-*` containers, images, network, and volumes.
 
@@ -72,7 +75,7 @@ Issue source docs:
 - `docs/progress.md`
 - `docs/roadmap.md`
 
-Current completed items include TLS expiry monitor support, HTTP/website checks, basic alert evaluation, incident actions, and webhook notification channels. Next recommended work starts with ping and TCP port monitors.
+Current completed items include TLS expiry monitor support, HTTP/website checks, ping and TCP port checks, basic alert evaluation, incident actions, and webhook notification channels. The next recommended implementation issue is alert rule editing UI.
 
 ## Guardrails