feat(auth): integrate TinyAuth SSO for NetBox authentication

Deploy TinyAuth v4 as CT 115 (192.168.2.10) to provide centralized
SSO authentication for NetBox via Nginx Proxy Manager.

**New Infrastructure:**
- CT 115: TinyAuth authentication layer
- Domain: tinyauth.apophisnetworking.net
- Integration: NPM auth_request → TinyAuth → NetBox

**Configuration:**
- Docker Compose with bcrypt-hashed credentials
- NPM advanced config for auth_request integration
- HTTPS enforcement via SSL termination

**Issues Resolved:**
- 500 Internal Server Error (Nginx config syntax)
- "IP addresses not allowed" (APP_URL domain requirement)
- Port mapping (8000:3000 for internal port 3000)
- Invalid password (bcrypt hash requirement for v4)

**Documentation:**
- Complete TinyAuth README at services/tinyauth/README.md
- Updated CLAUDE_STATUS.md with CT 115 infrastructure
- Added bug report for scribe agent tool permissions

**Note:** Container restart required on CT 115 to apply bcrypt hash

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

disaster-recovery/homelab-export-20251211-144345/configs/backup/vzdump.conf

@@ -0,0 +1,20 @@
+# vzdump default settings
+
+#tmpdir: DIR
+#dumpdir: DIR
+#storage: STORAGE_ID
+#mode: snapshot|suspend|stop
+#bwlimit: KBPS
+#performance: [max-workers=N][,pbs-entries-max=N]
+#ionice: PRI
+#lockwait: MINUTES
+#stopwait: MINUTES
+#stdexcludes: BOOLEAN
+#mailto: ADDRESSLIST
+#prune-backups: keep-INTERVAL=N[,...]
+#script: FILENAME
+#exclude-path: PATHLIST
+#pigz: N
+#notes-template: {{guestname}}
+#pbs-change-detection-mode: legacy|data|metadata
+#fleecing: enabled=BOOLEAN,storage=STORAGE_ID