Promotes two previously manual-start Bun services to systemd
so they survive restarts + run continuously.
- ops/systemd/lakehouse-auditor.service — polls Gitea every 90s,
runs 4 audit checks per PR head SHA, posts commit status + review
comment. Runs as root to match existing lakehouse-* service
conventions on this host; can read /home/profit/.git-credentials
(0600 profit:profit).
- ops/systemd/lakehouse-context7-bridge.service — HTTP wrapper on
:3900 for Phase 45 doc-drift detection. Decoupled from gateway;
runs independently.
- ops/systemd/install.sh — idempotent installer (copy → daemon-reload
→ enable --now). Prints post-install active/enabled status.
- ops/systemd/README.md — run/stop/logs/pause docs.
Pause control stays per-service (bot.paused / auditor.paused files
at repo root). Not wired to branch protection yet — the auditor's
commit status is currently advisory, not enforcing. Flip via Gitea
branch_protections API when confident.
