Security fixes: non-root user, signup rate limiting, differentiated CORS, persistent usage tracking

Dockerfile.backup

@@ -0,0 +1,19 @@
+FROM node:22-bookworm-slim
+
+# Install Chromium (works on ARM and x86)
+RUN apt-get update && apt-get install -y --no-install-recommends \
+  chromium fonts-liberation \
+  && rm -rf /var/lib/apt/lists/*
+
+ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
+ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium
+
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci --omit=dev
+COPY dist/ dist/
+COPY public/ public/
+
+ENV PORT=3100
+EXPOSE 3100
+CMD ["node", "dist/index.js"]