feat: production docker + documentation

- Backend Dockerfile: multi-stage build with venv, gunicorn+uvicorn workers, entrypoint runs alembic then gunicorn
- Frontend Dockerfile: multi-stage with npm ci, nginx:1.27-alpine runtime
- nginx.conf: gzip compression, security headers (X-Frame-Options, X-Content-Type-Options, etc.), static asset caching, correct API proxy preserving /api/ prefix
- docker-compose.yml: production config — db healthcheck, backend healthcheck, frontend depends_on backend healthy, no exposed backend port
- docker-compose.override.yml: dev hot-reload — uvicorn --reload with source mount, npm run dev on port 5173
- Rate limiting: slowapi middleware on /auth/login (10/min) and /auth/register (5/min)
- README.md: full documentation with architecture, quick start, API table, dev/prod instructions, tests
- .env.example: all variables documented with comments
- .gitignore: extended with *.pyc, *.cover, .ruff_cache, frontend/.vite, etc.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.override.yml

@@ -1,13 +1,18 @@
 services:
+  db:
+    ports:
+      - "${DB_PORT:-5432}:5432"
+
   backend:
-    build:
-      context: ./backend
-      dockerfile: Dockerfile
     command: uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload
     volumes:
       - ./backend:/app
+    ports:
+      - "${BACKEND_PORT:-8000}:8000"
     environment:
+      SECRET_KEY: ${SECRET_KEY:-dev-secret-not-for-production}
       DEBUG: "true"
+      CORS_ORIGINS: '["http://localhost:5173","http://localhost:3000","http://localhost"]'
 
   frontend:
     image: node:20-alpine
@@ -20,6 +25,8 @@ services:
       - "5173:5173"
     environment:
       NODE_ENV: development
+    depends_on:
+      - backend
 
 volumes:
   frontend_node_modules: