补充 release SpacetimeDB 健康检查与巡检防回退

增加 SpacetimeDB 阶段化健康检查与 /readyz 阶段输出
记录 procedure/reducer/read 失败的阶段和耗时
补充 release 健康巡检 systemd timer 与生产 ops 预检
同步 API 构建部署、provision 脚本和运维文档

deploy/systemd/genarrative-health-patrol.service

@@ -0,0 +1,20 @@
+[Unit]
+Description=Genarrative Production Health Patrol
+After=network-online.target genarrative-api.service spacetimedb.service nginx.service
+Wants=network-online.target
+ConditionPathExists=/opt/genarrative/current/scripts/ops/production-health-patrol.mjs
+
+[Service]
+Type=oneshot
+User=root
+Group=root
+WorkingDirectory=/opt/genarrative/current
+EnvironmentFile=-/etc/genarrative/health-patrol.env
+ExecStart=/usr/bin/node /opt/genarrative/current/scripts/ops/production-health-patrol.mjs --status-file /var/lib/genarrative/health-patrol/status.json
+TimeoutStartSec=30
+
+# 巡检只读 systemd、HTTP 和 journal；只允许写入自己的最近一次状态文件。
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=full
+ReadWritePaths=/var/lib/genarrative/health-patrol

deploy/systemd/genarrative-health-patrol.timer

@@ -0,0 +1,13 @@
+[Unit]
+Description=Run Genarrative Production Health Patrol
+
+[Timer]
+OnBootSec=2min
+OnCalendar=*-*-* *:0/5:00
+Persistent=true
+RandomizedDelaySec=30
+AccuracySec=30s
+Unit=genarrative-health-patrol.service
+
+[Install]
+WantedBy=timers.target