Drop docs/deployment-plan.md (internal planning doc, kept out of the repo) and
replace the personal lab DB IP and host names in the env/compose/deploy docs with
generic placeholders, so the repo is safe to make public later.
docker-compose.prod.yml targets the server: Postgres is never published, the
app binds to 127.0.0.1 (Caddy proxies it), and every service has a memory/CPU cap
plus no-new-privileges / cap_drop / read-only rootfs. deploy/deploy.sh rolls out
main with a host-side build (migrations run via the entrypoint). CI type-checks
and builds the frontend and byte-compiles the backend on every push to main.