Isolate Authority DB from Concelier write pressure

Problem: All 46+ services share one PostgreSQL database and connection
pool. When Concelier runs advisory sync jobs (heavy writes), the shared
pool starves Authority's OIDC token validation, causing login timeouts.

Fix: Create a dedicated stellaops_authority database on the same Postgres
instance. Authority gets its own connection string with an independent
Npgsql connection pool (Maximum Pool Size=20, Minimum Pool Size=2).

Changes:
- 00-create-authority-db.sql: Creates stellaops_authority database
- 04b-authority-dedicated-schema.sql: Applies full Authority schema
  (tables, indexes, RLS, triggers, seed data) to the dedicated DB
- docker-compose.stella-ops.yml: New x-postgres-authority-connection
  anchor pointing to stellaops_authority. Authority service env updated.
  Shared pool reduced to Maximum Pool Size=50.

The existing stellaops_platform.authority schema remains for backward
compatibility. Authority reads/writes from the isolated database.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-04-01 12:32:03 +03:00
parent 79a214d259
commit 88eba753ee
3 changed files with 518 additions and 2 deletions


@@ -0,0 +1,15 @@
-- Create dedicated Authority database for OIDC connection pool isolation.
--
-- Problem: When Concelier runs advisory sync jobs (heavy writes to
-- stellaops_platform), the shared connection pool starves Authority's
-- OIDC token validation, causing login timeouts.
--
-- Solution: Authority gets its own database with an independent Npgsql
-- connection pool. Concelier and other services continue using
-- stellaops_platform. Different database = separate pool automatically.
--
-- This script runs first (00-) to create the database before other
-- init scripts run against stellaops_platform.
SELECT 'CREATE DATABASE stellaops_authority OWNER stellaops'
WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'stellaops_authority')\gexec
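Review bot: the guarded `CREATE DATABASE` on the last two lines has no path for deployments that are already initialised. The header says this runs first as a `00-` init script. If that means the Postgres container's init directory, those scripts execute only when the data directory is empty, so an existing volume never gets `stellaops_authority` while the Authority service is already pointed at it. Suggest an upgrade step or a migration that runs the same guarded statement against existing instances. Two smaller points. `\gexec` is a psql meta-command, so the file only works when fed through psql, and the header should say so. The header line "Different database = separate pool automatically" holds for the client-side Npgsql pool only: both databases sit on one instance and still draw on the same server connection limit, and `OWNER stellaops` adds no credential separation if other services connect as that role. The comment should state that the isolation is limited to the pool.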