feat: add observability and CLI enhancements

Audit logging:
- audit_log table with event tracking
- app/audit.py module with log_event(), query_audit_log()
- GET /audit endpoint (admin only)
- configurable retention and cleanup

Prometheus metrics:
- app/metrics.py with custom counters
- paste create/access/delete, rate limit, PoW, dedup metrics
- instrumentation in API routes

CLI clipboard integration:
- fpaste create -C/--clipboard (read from clipboard)
- fpaste create --copy-url (copy result URL)
- fpaste get -c/--copy (copy content)
- cross-platform: xclip, xsel, pbcopy, wl-copy

Shell completions:
- completions/ directory with bash/zsh/fish scripts
- fpaste completion --shell command

app/database.py

@@ -73,6 +73,23 @@ CREATE TABLE IF NOT EXISTS issued_certificates (
 CREATE INDEX IF NOT EXISTS idx_certs_fingerprint ON issued_certificates(fingerprint_sha1);
 CREATE INDEX IF NOT EXISTS idx_certs_status ON issued_certificates(status);
 CREATE INDEX IF NOT EXISTS idx_certs_ca_id ON issued_certificates(ca_id);
+
+-- Audit log for security events
+CREATE TABLE IF NOT EXISTS audit_log (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    timestamp INTEGER NOT NULL,
+    event_type TEXT NOT NULL,
+    client_id TEXT,
+    client_ip TEXT,
+    paste_id TEXT,
+    request_id TEXT,
+    outcome TEXT NOT NULL,
+    details TEXT
+);
+
+CREATE INDEX IF NOT EXISTS idx_audit_timestamp ON audit_log(timestamp);
+CREATE INDEX IF NOT EXISTS idx_audit_event_type ON audit_log(event_type);
+CREATE INDEX IF NOT EXISTS idx_audit_client_id ON audit_log(client_id);
 """
 
 # Password hashing constants