Safer, cleaner server defaults

[devinivy]

Running on a host of 0.0.0.0 is not a safe default because it could inadvertently expose the app over the network. It's also not suggested to run nodejs without a reverse proxy or similar in front of it. Second, our debug defaults are redundant (implementation and internal tags both always come with an error tag) and introduce the NODE_ENV value 'development' which is not necessary or particularly 12 factor.