Add TickTick integration, MCP server, and dev project tracking

New integration with TickTick API for project/task management:
- OAuth 2.0 auth flow (mcp-servers/ticktick/ticktick_auth.py)
- MCP server with 9 tools for Claude Code (ticktick_mcp.py)
- FastAPI service with SOPS vault credentials (api/services/ticktick_service.py)
- JWT-protected REST router at /api/ticktick/ (api/routers/ticktick.py)
- Credentials stored in SOPS vault (services/ticktick.sops.yaml)

Dev project tracking (hybrid TickTick + DB):
- New dev_projects table migration (14 columns, status index)
- TickTick "Dev Projects" list for mobile visibility
- First project seeded: TickTick Integration (linked both sides)

Security: .tokens.json gitignored, token file permissions restricted,
HTML-escaped OAuth callback, SOPS vault (not env vars) for secrets.

Also: Installed Tailscale on ACG-5070 for office network access.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

api/main.py

@@ -35,6 +35,7 @@ from api.routers import (
     version,
     quotes,
     admin_quotes,
+    ticktick,
 )
 
 # Import middleware
@@ -130,6 +131,9 @@ app.include_router(bulk_import.router, prefix="/api/bulk-import", tags=["Bulk Im
 app.include_router(quotes.router, prefix="/api/quotes", tags=["Quotes"])
 app.include_router(admin_quotes.router, prefix="/api/admin/quotes", tags=["Admin Quotes"])
 
+# External integrations
+app.include_router(ticktick.router, prefix="/api/ticktick", tags=["TickTick"])
+
 
 if __name__ == "__main__":
     import uvicorn