chore: initial project setup with backend, frontend, and infrastructure

Add complete NexaPantry application structure including:
- Docker Compose configuration with PostgreSQL, Redis, FastAPI backend, worker, frontend and Caddy
- Environment configuration template with database, auth, and service settings
- GitHub Actions CI workflow for backend/frontend linting, testing, auditing and Docker builds
- AGPL-3.0 license and comprehensive README with setup, development, and security documentation
- Backend

scripts/backup.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+set -eu
+
+cd "$(dirname "$0")/.."
+mkdir -p backups
+docker compose exec postgres pg_dump -U "${POSTGRES_USER:-nexapantry}" "${POSTGRES_DB:-nexapantry}" > "backups/nexapantry-$(date +%Y%m%d-%H%M%S).sql"
+

scripts/restore.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+set -eu
+
+if [ $# -ne 1 ]; then
+  echo "Usage: scripts/restore.sh backups/file.sql" >&2
+  exit 1
+fi
+
+cd "$(dirname "$0")/.."
+docker compose exec -T postgres psql -U "${POSTGRES_USER:-nexapantry}" "${POSTGRES_DB:-nexapantry}" < "$1"
+

scripts/security-checks.sh

@@ -0,0 +1,29 @@
+#!/usr/bin/env sh
+set -eu
+
+cd "$(dirname "$0")/.."
+
+echo "Backend lint"
+(cd backend && ruff check app)
+
+echo "Backend tests"
+(cd backend && pytest)
+
+echo "Backend dependency audit"
+(cd backend && pip-audit)
+
+echo "Backend static security scan"
+(cd backend && bandit -q -r app -x app/tests)
+
+echo "Frontend lint, typecheck, tests and dependency audit"
+(cd frontend && npm run lint && npm run typecheck && npm test -- --run && npm audit --audit-level=moderate)
+
+cat <<'INFO'
+Container scan:
+  docker compose build
+  trivy image nexapantry-backend
+  trivy image nexapantry-frontend
+
+Secret scan:
+  gitleaks detect --source .
+INFO