feat: Production-ready Docker infrastructure with Directus CMS

- Add separated Docker Compose architecture (astro/infrastructure/override)
- Implement Directus + PostgreSQL with pinned versions (10.12.0/15.5-alpine)
- Add comprehensive database safety protections and backup scripts
- Configure production-ready NGINX reverse proxy setup
- Add container names, labels, and enhanced healthchecks
- Remove fallback environment variables for explicit production config
- Include log rotation and monitoring improvements

Infrastructure deployment:
- npm run docker:infrastructure:up (one-time setup)
- npm run docker:astro:up (regular deployments)
- npm run db:backup/restore/status (database management)

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

.env.infrastructure

@@ -0,0 +1,89 @@
+# Directus Infrastructure Environment Variables
+# Copy this file to .env.infrastructure.local on your server and fill in the values
+
+# =====================================
+# REQUIRED: Security Keys & Database  
+# =====================================
+
+# Generate these with: openssl rand -hex 32
+DIRECTUS_KEY=your-directus-key-here-32-chars-minimum-abcdef1234567890
+DIRECTUS_SECRET=your-directus-secret-here-32-chars-minimum-abcdef1234567890
+
+# Strong database password
+DIRECTUS_DB_PASSWORD=your-secure-database-password-here
+
+# =====================================
+# REQUIRED: Admin Account Setup
+# =====================================
+
+# Admin account created on first run only
+DIRECTUS_ADMIN_EMAIL=admin@blackcanyontickets.com
+DIRECTUS_ADMIN_PASSWORD=your-secure-admin-password-here
+
+# =====================================
+# REQUIRED: CORS Configuration
+# =====================================
+
+# Production domain(s) - REQUIRED, no fallbacks
+DIRECTUS_CORS_ORIGIN=https://portal.blackcanyontickets.com
+
+# =====================================
+# REQUIRED: Email Configuration  
+# =====================================
+
+# All email variables are REQUIRED - configure for production
+DIRECTUS_EMAIL_FROM=cms@blackcanyontickets.com
+DIRECTUS_EMAIL_TRANSPORT=smtp
+DIRECTUS_SMTP_HOST=smtp.resend.com
+DIRECTUS_SMTP_PORT=587
+DIRECTUS_SMTP_USER=resend
+DIRECTUS_SMTP_PASSWORD=your-resend-api-key-here
+
+# =====================================
+# SETUP INSTRUCTIONS
+# =====================================
+
+# 1. Copy this file: cp .env.infrastructure .env.infrastructure.local
+# 2. Generate random keys: openssl rand -hex 32
+# 3. Set strong passwords for database and admin
+# 4. Update CORS origins to match your domain(s)
+# 5. Configure email settings if needed
+# 6. Load environment: export $(cat .env.infrastructure.local | xargs)
+# 7. Start infrastructure: npm run docker:infrastructure:up
+
+# =====================================
+# DATABASE INITIALIZATION
+# =====================================
+
+# Directus will automatically:
+# - Create database tables on first run
+# - Set up admin user with DIRECTUS_ADMIN_EMAIL/PASSWORD
+# - Initialize storage and extensions directories
+# - Apply database migrations
+
+# Check logs if initialization fails:
+# docker logs bct-directus
+
+# =====================================
+# DATABASE SAFETY PROTECTIONS
+# =====================================
+
+# 🚨 IMPORTANT DATABASE SAFETY NOTES:
+
+# 1. Named volumes prevent accidental data loss:
+#    - postgres_data: PostgreSQL database files
+#    - directus_uploads: User uploaded files  
+#    - directus_extensions: Custom extensions
+
+# 2. Admin user only created if no users exist
+#    - Safe to restart containers without overwriting users
+#    - Set DIRECTUS_ALLOW_ADMIN_CREATION=false after first setup
+
+# 3. To completely reset database (⚠️  DATA LOSS):
+#    docker-compose -f docker-compose.infrastructure.yml down
+#    docker volume rm bct-whitelabel_postgres_data
+#    docker volume rm bct-whitelabel_directus_uploads 
+#    docker volume rm bct-whitelabel_directus_extensions
+
+# 4. To backup before major changes:
+#    docker exec bct-postgres pg_dump -U directus directus > backup.sql