feat(glauth): merged shared dev GLAuth directory + compose + runbook (10.100.0.35)

Phase 0 of the shared-GLAuth standardization. config.toml = merged dc=zb,dc=local
directory (15 groups in partitioned 55xx/56xx/57xx families, 14 users incl.
multi-role spanning all groups, serviceaccount search account). compose runs one
glauth/glauth:latest on :3893. README is the deploy/verify runbook. Code-reviewed;
fixed scp -r idempotency in the deploy command (README + plan Task 4).

docs/plans/2026-06-04-shared-glauth-standardization.md

@@ -281,10 +281,14 @@ git commit -m "feat(glauth): merged shared dev GLAuth directory + compose + runb
 
 **Step 1: Resolve access.** Confirm `ssh dohertj2@10.100.0.35 'echo ok'` works. If it does NOT (currently the case from this Mac), STOP and either (a) have the user re-authorize this Mac's key on 35, or (b) hand the user `infra/glauth/` + the deploy command to run on 35. Do not proceed past this gate until GLAuth is up on 35.
 
-**Step 2: Deploy** (once access works):
+**Step 2: Deploy** (once access works). Copy the FILES into the dest dir (not the dir itself) so a
+re-deploy doesn't nest them at `~/zb-glauth/glauth/` (the `scp -r dir-into-existing-dir` trap):
 ```bash
-scp -r /Users/dohertj2/Desktop/scadaproj/infra/glauth dohertj2@10.100.0.35:~/zb-glauth
-ssh dohertj2@10.100.0.35 'cd ~/zb-glauth && docker compose up -d && docker ps --filter name=zb-shared-glauth'
+ssh dohertj2@10.100.0.35 'mkdir -p ~/zb-glauth'
+scp /Users/dohertj2/Desktop/scadaproj/infra/glauth/config.toml \
+    /Users/dohertj2/Desktop/scadaproj/infra/glauth/docker-compose.yml \
+    dohertj2@10.100.0.35:~/zb-glauth/
+ssh dohertj2@10.100.0.35 'cd ~/zb-glauth && docker compose up -d --force-recreate && docker ps --filter name=zb-shared-glauth'
 ```
 Expected: `zb-shared-glauth` container `Up`.