stage-17: operational hardening — .env keys, model status, backup

Three load-bearing operational pieces before any new features:

* .env.example committed, .env gitignored — per-developer API keys
  (THREATFOX_AUTH_KEY, OTX_API_KEY, NVD_API_KEY) ready for the registrations
  ahead; python-dotenv loads it in the venv CLI; compose picks it up via
  env_file: .env on the cockpit service.

* Cockpit /api/inference-status endpoint + a topbar status chip that polls it
  on page load — "model · live" green when up, "model · offline" amber when
  the inference server is unreachable. No more manual checking. Compose also
  gains a healthcheck on the inference service (applies on next recreate).

* New `psyc backup` command — tars the audit trail (db + sealed packages +
  recipient keys + ledger + datasets) to data/backups/psyc-data-<ts>.tar.gz.
  Excludes the HF model cache, mock-cert receipts, and the re-trainable
  adapters — the goal is the irrecoverable evidence, not bulk artifacts.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

.env.example

@@ -0,0 +1,20 @@
+# psyc — per-developer secrets. Copy to `.env` (already gitignored) and fill in.
+#
+#   cp .env.example .env
+#   # edit .env with your own keys
+#
+# Do not commit .env. Each developer keeps their own keys local.
+
+# --- CTI source API keys (sources we may add to Scoutline) ---
+# ThreatFox / abuse.ch — free auth key at https://auth.abuse.ch/
+THREATFOX_AUTH_KEY=
+# AlienVault OTX — free key at https://otx.alienvault.com/api
+OTX_API_KEY=
+# NIST NVD — free key at https://nvd.nist.gov/developers/request-an-api-key
+# (raises throttling from ~5 to ~50 requests / 30s)
+NVD_API_KEY=
+
+# --- Internal service URLs — overridden in docker compose; defaults for venv CLI ---
+# PSYC_MOCK_CERT_URL=http://127.0.0.1:8770
+# PSYC_INFERENCE_URL=http://127.0.0.1:8771
+# PSYC_DATA_DIR=./data