Assemble QMS app + SQLite refactor + Unraid single-container deploy

Reconstruct the full app from init-source overlays (base + fix-1..6 +
update-1..3, last-wins) at the repo root, complete the missing pieces so it
builds and runs, and stage the Unraid deployment.

App completion:
- types/index.ts: former Prisma enums as string-literal unions + AppUser
- pages/_app.tsx + styles/globals.css (mount AppProvider/ToastProvider)
- API routes: auth/login, auth/me, users, submissions (+REVIEW_READY notify),
  forms (list/create), notifications
- scripts/create-admin.js: idempotent first-admin bootstrap
- 14 unbuilt nav targets stubbed via ComingSoon placeholder

SQLite refactor (single-container, no external DB):
- schema provider -> sqlite; enums -> String; Json -> String;
  FormField.options String[] -> JSON-encoded String
- lib/forms.ts (de)serialises options at the DB boundary
- drop mode:"insensitive" (unsupported on SQLite)
- enum imports repointed from @prisma/client to @/types

Deploy:
- multi-stage Dockerfile (next build -> prod runner), docker-entrypoint.sh
  (prisma db push -> create-admin -> next start), .dockerignore
- docker-compose.yml: br0 10.2.0.x, /mnt/user/appdata/qms -> /data volume
- README rewritten for the Unraid/Gitea Actions flow; .env scrubbed of the
  live Supabase credential; vercel.json removed

Verified: next build clean (41 routes); live SQLite round-trip of
login/session, form options array, and submission -> REVIEW_READY.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

pages/api/forms/index.ts

@@ -0,0 +1,71 @@
+import type { NextApiRequest, NextApiResponse } from 'next'
+import { prisma } from '@/lib/prisma'
+import { requireAuth, logAction } from '@/lib/auth'
+import { serializeOptions, withParsedFields } from '@/lib/forms'
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const user = await requireAuth(req, res)
+  if (!user) return
+
+  if (req.method === 'GET') {
+    const { status } = req.query
+    const where: any = {}
+    if (status) where.status = String(status)
+
+    const forms = await prisma.buildForm.findMany({
+      where,
+      include: {
+        fields: { orderBy: { order: 'asc' } },
+        _count: { select: { submissions: true, fields: true } },
+      },
+      orderBy: { createdAt: 'desc' },
+    })
+
+    return res.json({ data: forms.map(f => withParsedFields(f)) })
+  }
+
+  if (req.method === 'POST') {
+    if (user.role !== 'ADMIN') return res.status(403).json({ error: 'Admin only' })
+
+    const { name, product, description, minSubmissions, fields } = req.body as {
+      name?: string
+      product?: string
+      description?: string
+      minSubmissions?: number
+      fields?: Array<{ label: string; type: string; hint?: string; options?: string[]; required?: boolean; trackStd?: boolean }>
+    }
+
+    if (!name) return res.status(400).json({ error: 'Form name is required' })
+
+    const form = await prisma.buildForm.create({
+      data: {
+        name,
+        product: product || null,
+        description: description || null,
+        minSubmissions: minSubmissions ?? 10,
+        status: 'DRAFT',
+        createdById: user.id,
+        fields: {
+          create: (fields || []).map((f, i) => ({
+            label: f.label,
+            type: f.type,
+            hint: f.hint || null,
+            options: serializeOptions(f.options),
+            required: !!f.required,
+            trackStd: f.trackStd !== false,
+            order: i,
+          })),
+        },
+      },
+      include: {
+        fields: { orderBy: { order: 'asc' } },
+        _count: { select: { submissions: true, fields: true } },
+      },
+    })
+
+    await logAction(user.id, 'CREATE', 'BuildForm', form.id, null, { name })
+    return res.status(201).json({ data: withParsedFields(form) })
+  }
+
+  res.status(405).end()
+}