fix(deploy): site clusters share the single OtOpcUa ConfigDb

The previous commit (961e094) gave each site cluster its own database
(OtOpcUa_SiteA / OtOpcUa_SiteB). That fights the architecture — ConfigDb
is multi-tenant by design: one schema with a ServerCluster table whose
rows scope the rest of the configuration via ClusterId. Per-cluster
databases would split the schema and force every singleton/coordinator
to point at a different connection string.

Correct model: one ConfigDb, three ServerCluster rows (MAIN / SITE-A /
SITE-B), each Akka cluster's ClusterNode rows pointing back at the
matching ClusterId. Akka mesh isolation is still enforced by the
disjoint seed-node lists (unchanged from the previous commit).

Compose: all eight host nodes now point at Server=sql,1433;Database=OtOpcUa
and the README documents the post-boot ServerCluster + ClusterNode rows
operators need to create via /clusters and /hosts before the runtime can
resolve its scope.

docker-dev/docker-compose.yml

@@ -1,7 +1,7 @@
 # docker-dev/ — Mac-friendly multi-cluster fleet for v2 development + manual UI exercise.
 #
-# Stack (3 separate Akka clusters sharing the same SQL + LDAP):
-#   sql        SQL Server 2022 (per-cluster ConfigDb databases)
+# Stack (3 separate Akka clusters — all share the single `OtOpcUa` ConfigDb):
+#   sql        SQL Server 2022 — hosts the one ConfigDb that all three clusters use
 #   ldap       OpenLDAP with the dev users from C:\publish\glauth\auth.md mirrored in
 #
 #   Main cluster (existing — split-role admin / driver pair on a single Akka mesh):
@@ -9,22 +9,26 @@
 #     admin-b   OtOpcUa.Host with OTOPCUA_ROLES=admin (joins admin-a)
 #     driver-a  OtOpcUa.Host with OTOPCUA_ROLES=driver (joins via admin-a)
 #     driver-b  OtOpcUa.Host with OTOPCUA_ROLES=driver (joins via admin-a)
-#     ConfigDb: OtOpcUa
 #
-#   Site A cluster (2-node fused admin+driver — its own ConfigDb + seed):
+#   Site A cluster (2-node fused admin+driver):
 #     site-a-1, site-a-2     OTOPCUA_ROLES=admin,driver, seed = site-a-1
-#     ConfigDb: OtOpcUa_SiteA
 #
-#   Site B cluster (2-node fused admin+driver — its own ConfigDb + seed):
+#   Site B cluster (2-node fused admin+driver):
 #     site-b-1, site-b-2     OTOPCUA_ROLES=admin,driver, seed = site-b-1
-#     ConfigDb: OtOpcUa_SiteB
 #
 #   traefik    PathPrefix → main cluster admin-a/admin-b; Host(`site-a.localhost`) →
 #              site-a-*; Host(`site-b.localhost`) → site-b-*. Add the two site hosts to
 #              your /etc/hosts (or rely on macOS `.localhost` auto-resolution).
 #
-# Cluster isolation is enforced by disjoint seed-node lists — Akka.Cluster gossip won't
-# cross between the three meshes even though they share the same system name "otopcua".
+# Multi-tenancy: ConfigDb is one schema with a `ServerCluster` table; each Akka cluster
+# corresponds to a row in it (ClusterId = "MAIN" / "SITE-A" / "SITE-B"), and each node's
+# `ClusterNode.NodeId` points back at the row that owns it. After first boot, sign in to
+# any cluster's Admin UI and create the matching ServerCluster + ClusterNode rows via
+# /clusters and /hosts so the runtime knows what configuration scope applies.
+#
+# Akka mesh isolation: same system name "otopcua" + same remoting port 4053 inside each
+# container's own network namespace, but with disjoint seed-node lists — gossip never
+# crosses between the three meshes.
 #
 # Usage:
 #   docker compose -f docker-dev/docker-compose.yml up -d --build
@@ -133,15 +137,16 @@ services:
       - "4841:4840"
 
   # ── Site A cluster (2-node fused admin+driver) ──────────────────────────────
-  # Its own ConfigDb (OtOpcUa_SiteA) + its own seed (site-a-1) → Akka isolation
-  # from the main cluster and from site B. Both nodes carry both roles.
+  # Shares the OtOpcUa ConfigDb with the main + site-b clusters; multi-tenancy is
+  # enforced by ServerCluster.ClusterId rows (configure via /clusters after boot).
+  # Akka isolation comes from the disjoint seed list (seed = site-a-1).
 
   site-a-1:
     <<: *otopcua-host
     environment:
       OTOPCUA_ROLES: "admin,driver"
       ASPNETCORE_URLS: "http://+:9000"
-      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa_SiteA;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
+      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
       Cluster__Hostname: "0.0.0.0"
       Cluster__Port: "4053"
       Cluster__PublicHostname: "site-a-1"
@@ -165,7 +170,7 @@ services:
     environment:
       OTOPCUA_ROLES: "admin,driver"
       ASPNETCORE_URLS: "http://+:9000"
-      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa_SiteA;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
+      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
       Cluster__Hostname: "0.0.0.0"
       Cluster__Port: "4053"
       Cluster__PublicHostname: "site-a-2"
@@ -188,7 +193,7 @@ services:
     environment:
       OTOPCUA_ROLES: "admin,driver"
       ASPNETCORE_URLS: "http://+:9000"
-      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa_SiteB;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
+      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
       Cluster__Hostname: "0.0.0.0"
       Cluster__Port: "4053"
       Cluster__PublicHostname: "site-b-1"
@@ -212,7 +217,7 @@ services:
     environment:
       OTOPCUA_ROLES: "admin,driver"
       ASPNETCORE_URLS: "http://+:9000"
-      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa_SiteB;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
+      ConnectionStrings__ConfigDb: "Server=sql,1433;Database=OtOpcUa;User Id=sa;Password=OtOpcUa!Dev123;TrustServerCertificate=True;"
       Cluster__Hostname: "0.0.0.0"
       Cluster__Port: "4053"
       Cluster__PublicHostname: "site-b-2"