Enhancement: Docker compose missing resource limits and production hardening

[mrveiss]

Problem

docker-compose.yml has no resource limits, security hardening, or production-readiness features:

1. No memory/CPU limits — any container can consume all host resources
2. RedisInsight UI (port 8001) exposed without auth — data leak risk
3. All services on single flat network — no isolation between data/app layers
4. No log rotation config — Docker json-file driver will fill disk
5. No backup strategy for PostgreSQL volumes
6. Containers run as root — backend/SLM Dockerfiles don't create non-root user

Expected Fix

# Resource limits example
deploy:
  resources:
    limits:
      memory: 2G
      cpus: '2.0'

# Non-root user
RUN useradd -r -s /bin/false autobot
USER autobot

# Log rotation
logging:
  driver: json-file
  options:
    max-size: "50m"
    max-file: "5"

Discovered During

Working on #1809 Docker containerization.

[mrveiss]

Merged in PR #1930. Resource limits, localhost port binding, YAML anchors for logging, Prometheus/Grafana health checks, Ollama 8GB.