Fix remaining code quality and infrastructure items

- admin.py: remove unused get_current_user import
- feed.py, flock.py, other.py: add IntegrityError handling on POST/PUT
  endpoints; duplicate submissions now return 409 instead of crashing with
  a 500 error
- stats.py: extract magic numbers into named module-level constants
  (DAYS_ROLLING, DAYS_SHORT, PRECISION_AVG, PRECISION_HEN, PRECISION_COST);
  add return type annotations to _total_feed_cost and _total_other_cost;
  normalize both helpers to always return Decimal so budget_stats no longer
  needs Decimal(str(...)) workarounds; simplify _cpe/_cpd helpers
- dashboard.js: read --green CSS variable at runtime instead of hardcoding
  the hex value so chart color stays in sync with the stylesheet
- docker-compose.yml: add healthcheck to api service (polls /api/health
  every 30s) so Docker knows when the API is unhealthy; add password
  strength guidance comment above the db service

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -1,6 +1,8 @@
 services:
 
   # ── MySQL ────────────────────────────────────────────────────────────────────
+  # MYSQL_ROOT_PASSWORD and MYSQL_PASSWORD should each be 20+ random characters.
+  # Generate with: openssl rand -hex 16
   db:
     image: mysql:8.0
     restart: unless-stopped
@@ -42,6 +44,12 @@ services:
       ADMIN_USERNAME:   ${ADMIN_USERNAME}
       ADMIN_PASSWORD:   ${ADMIN_PASSWORD}
       JWT_SECRET:       ${JWT_SECRET}
+    healthcheck:
+      test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000/api/health')"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+      start_period: 15s
     depends_on:
       db:
         condition: service_healthy   # wait for MySQL to be ready before starting