feat: initial WordPress Attack Intelligence API Docker stack

Port 3083, SQLite WAL, IP geo-enrichment, SSE live feed, rate limiter.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -0,0 +1,23 @@
+services:
+  attack-api:
+    build: .
+    container_name: attack-api
+    restart: unless-stopped
+    ports:
+      - "3083:3083"
+    volumes:
+      - attack-data:/data
+    environment:
+      - PORT=3083
+      - DB_PATH=/data/attacks.db
+      - NODE_ENV=production
+      - API_TOKEN=${API_TOKEN:-change-me-to-a-long-random-string}
+    healthcheck:
+      test: ["CMD", "wget", "-qO-", "http://localhost:3083/api/v1/health"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+
+volumes:
+  attack-data:
+    driver: local