initial: alpaclaudia paper-trading bot + dashboard

Python bot (bot/alpaclaudia): alpaca-py client, wheel strategy (CSP + covered
calls) plus equity trailing stops, risk gates (cash buffer, cost-basis guard,
per-symbol concentration cap), SQLite state log, Typer CLI (tick/loop/status/
report/dump-state), Discord daily report, pytest suite.

Next.js 14 dashboard (dashboard/): read-only — reads the bot's SQLite directly
and pulls live account/positions/orders from Alpaca. KPIs, equity chart,
positions, bot-intents audit table, and orders table. Dark UI with Tailwind.

systemd/: user-unit templates for the polling loop and the post-close report
timer.

docs/STRATEGY.md: wheel mechanics, risk invariants, later candidates.

Defaults to BOT_MODE=dry — nothing is submitted to Alpaca until explicitly
enabled in .env. ALPACA_ENV=paper by default; flipping to live requires an
explicit second guard.

dashboard/app/api/refresh/route.ts

@@ -0,0 +1,32 @@
+import { NextResponse } from "next/server";
+import { dbStatus, recentIntents, recentTicks } from "../../lib/db";
+import {
+  credentialsPresent,
+  getAccount,
+  getClock,
+  getOrders,
+  getPositions,
+} from "../../lib/alpaca";
+
+export const dynamic = "force-dynamic";
+
+export async function GET() {
+  const [account, positions, orders, clock] = await Promise.all([
+    getAccount(),
+    getPositions(),
+    getOrders(),
+    getClock(),
+  ]);
+  return NextResponse.json({
+    ok: true,
+    alpaca_connected: credentialsPresent(),
+    db: dbStatus(),
+    account,
+    clock,
+    positions,
+    orders,
+    ticks: recentTicks(300),
+    intents: recentIntents(200),
+    server_time: new Date().toISOString(),
+  });
+}