docs: Consolidate homelab documentation and update SSH guide

operations/new-app-deployment.md

@@ -0,0 +1,39 @@
+# SOP: Deploying a New Application
+
+This guide outlines the workflow for adding a new service to the homelab.
+
+## 1. Database Provisioning (Postgres)
+Most apps use the centralized `global_postgres` instance.
+
+1.  **Update Config:** Add the new database to the environment list in `/opt/docker/global-db/compose.yaml` for documentation.
+2.  **Manual Provisioning:** Run the following commands to create the database and user on the live instance:
+    ```bash
+    # Access the Postgres CLI
+    docker exec -it global_postgres psql -U postgres
+
+    # Run these SQL commands:
+    CREATE DATABASE app_name;
+    CREATE USER app_name WITH PASSWORD 'secure-password';
+    GRANT ALL PRIVILEGES ON DATABASE app_name TO app_name;
+    ALTER DATABASE app_name OWNER TO app_name;
+    ```
+
+## 2. Container Setup
+1.  **Directory:** Create a new directory under `/opt/docker/app_name`.
+2.  **Compose File:** Draft a `compose.yaml` file.
+    - Ensure it joins the `web_gateway` (for Cloudflare) and `db_network` (for Postgres).
+    - Use environment variables for DB credentials.
+3.  **Deployment:** Run `docker compose up -d`.
+
+## 3. Networking & Security
+1.  **Cloudflare Tunnel:** 
+    - Log in to Cloudflare Zero Trust Dashboard.
+    - Navigate to **Access > Tunnels**.
+    - Add a **Public Hostname** for the service (e.g., `app.davisdre.com`).
+2.  **Access Policy (Optional):** Add a Cloudflare Access Policy if MFA or WARP is required for this specific app.
+
+## 4. Integration
+1.  **Dashboard:** 
+    - Add the new app link to the Antigravity Dashboard on your local PC.
+    - `git push` the changes.
+    - On Linode, run `updatedash` to reflect changes.