Fix Phase 5 review issues: SSTI, FK violation, sync rebuild

Fixes 5 issues identified by code-reviewer agent:

1. (Critical) EventLog.tracker_id now nullable - use None instead
   of 0 when tracker name doesn't match, avoiding FK constraint
   violations on PostgreSQL
2. (Critical) Replace jinja2.Environment with SandboxedEnvironment
   in all 3 server template rendering locations to prevent SSTI
3. (Important) Rebuild sync_client in _async_update_listener when
   server URL/key options change, propagate to all coordinators
4. (Important) Validate partial server config - require both URL
   and API key or neither, with clear error message
5. (Important) Name fire-and-forget sync task for debugging

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

custom_components/immich_album_watcher/__init__.py

@@ -406,10 +406,20 @@ async def _async_update_listener(
     # Update hub data
     entry.runtime_data.scan_interval = new_interval
 
+    # Rebuild sync client if server URL/key changed
+    server_url = entry.options.get(CONF_SERVER_URL, "")
+    server_api_key = entry.options.get(CONF_SERVER_API_KEY, "")
+    sync_client = None
+    if server_url and server_api_key:
+        from .sync import ServerSyncClient
+        sync_client = ServerSyncClient(hass, server_url, server_api_key)
+    entry_data["sync_client"] = sync_client
+
     # Update all subentry coordinators
     subentries_data = entry_data["subentries"]
     for subentry_data in subentries_data.values():
         subentry_data.coordinator.update_scan_interval(new_interval)
+        subentry_data.coordinator._sync_client = sync_client
 
     _LOGGER.info("Updated hub options (scan_interval=%d)", new_interval)