Add configurable allowlist to restrict who can create communities during alpha.
Self-hosters can set their own DID in the env var.

- Add allowedCommunityCreators field to CreateHandler
- Load comma-separated DIDs from COMMUNITY_CREATORS env var
- Return 403 CommunityCreationRestricted for non-allowed users
- Empty/unset env var allows all authenticated users
- Filter empty strings from allowlist defensively
- Add comprehensive unit tests for allowlist behavior

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

- Update Go to 1.24 in Dockerfile
- Fix migrations path (internal/db/migrations)
- Add /xrpc/_health endpoint for Docker healthcheck
- Fix PORT env var precedence (PORT > APPVIEW_PORT)
- Add custom lexicon Jetstream URLs
- Add CURSOR_SECRET env var
- Comment out partial email config (PDS requires both or neither)

- Update Go to 1.24 in Dockerfile
- Fix migrations path (internal/db/migrations)
- Add custom lexicon Jetstream URLs
- Add CURSOR_SECRET env var
- Comment out partial email config (PDS requires both or neither)

- Docker configuration (Dockerfile, docker-compose.prod.yml)
- Caddy reverse proxy with HSTS, CSP, wildcard SSL
- Deployment scripts (deploy.sh, setup-production.sh, backup.sh)
- DID key generation script
- OAuth callback with XSS protection
- Environment template (.env.prod.example)