docs: replace MinIO with filesystem storage throughout

Remove all MinIO/S3 references from documentation and deployment
configs. Silo now uses local filesystem storage exclusively.

Updated files:
- docs/CONFIGURATION.md: storage section now documents filesystem backend
- docs/DEPLOYMENT.md: architecture diagram, external services, troubleshooting
- docs/INSTALL.md: remove MinIO setup, update architecture diagrams
- docs/SPECIFICATION.md: architecture, technology stack, file storage strategy
- docs/STATUS.md: storage backend status
- docs/GAP_ANALYSIS.md: file handling references
- docs/ROADMAP.md: file storage appendix entries
- deployments/config.prod.yaml: filesystem backend config
- deployments/systemd/silod.env.example: remove MinIO credential vars

docs/DEPLOYMENT.md

@@ -4,7 +4,7 @@
 > instructions. This document covers ongoing maintenance and operations for an
 > existing deployment.
 
-This guide covers deploying Silo to a dedicated VM using external PostgreSQL and MinIO services.
+This guide covers deploying Silo to a dedicated VM using external PostgreSQL and local filesystem storage.
 
 ## Table of Contents
 
@@ -26,28 +26,25 @@ This guide covers deploying Silo to a dedicated VM using external PostgreSQL and
 │  │                        silod                               │ │
 │  │                   (Silo API Server)                        │ │
 │  │                      :8080                                 │ │
+│  │              Files: /opt/silo/data                         │ │
 │  └───────────────────────────────────────────────────────────┘ │
 └─────────────────────────────────────────────────────────────────┘
-              │                               │
-              ▼                               ▼
-┌─────────────────────────┐     ┌─────────────────────────────────┐
-│  psql.example.internal  │     │    minio.example.internal       │
-│      PostgreSQL 16      │     │         MinIO S3                │
-│        :5432            │     │       :9000 (API)               │
-│                         │     │       :9001 (Console)           │
-└─────────────────────────┘     └─────────────────────────────────┘
+              │
+              ▼
+┌─────────────────────────┐
+│  psql.example.internal  │
+│      PostgreSQL 16      │
+│        :5432            │
+└─────────────────────────┘
 ```
 
 ## External Services
 
-The following external services are already configured:
-
-| Service | Host | Database/Bucket | User |
-|---------|------|-----------------|------|
+| Service | Host | Database | User |
+|---------|------|----------|------|
 | PostgreSQL | psql.example.internal:5432 | silo | silo |
-| MinIO | minio.example.internal:9000 | silo-files | silouser |
 
-Migrations have been applied to the database.
+Files are stored on the local filesystem at `/opt/silo/data`. Migrations have been applied to the database.
 
 ---
 
@@ -107,21 +104,15 @@ Fill in the values:
 # Database credentials (psql.example.internal)
 SILO_DB_PASSWORD=your-database-password
 
-# MinIO credentials (minio.example.internal)
-SILO_MINIO_ACCESS_KEY=silouser
-SILO_MINIO_SECRET_KEY=your-minio-secret-key
+
 ```
 
 ### Verify External Services
 
-Before deploying, verify connectivity to external services:
+Before deploying, verify connectivity to PostgreSQL:
 
 ```bash
-# Test PostgreSQL
 psql -h psql.example.internal -U silo -d silo -c 'SELECT 1'
-
-# Test MinIO
-curl -I http://minio.example.internal:9000/minio/health/live
 ```
 
 ---
@@ -183,6 +174,7 @@ sudo -E /opt/silo/src/scripts/deploy.sh
 | File | Purpose |
 |------|---------|
 | `/opt/silo/bin/silod` | Server binary |
+| `/opt/silo/data/` | File storage root |
 | `/opt/silo/src/` | Git repository checkout |
 | `/etc/silo/config.yaml` | Server configuration |
 | `/etc/silo/silod.env` | Environment variables (secrets) |
@@ -242,7 +234,7 @@ sudo journalctl -u silod --since "2024-01-15 10:00:00"
 # Basic health check
 curl http://localhost:8080/health
 
-# Full readiness check (includes DB and MinIO)
+# Full readiness check (includes DB)
 curl http://localhost:8080/ready
 ```
 
@@ -318,24 +310,6 @@ psql -h psql.example.internal -U silo -d silo -f /opt/silo/src/migrations/008_ne
 
 3. Check `pg_hba.conf` on PostgreSQL server allows connections from this host.
 
-### Connection Refused to MinIO
-
-1. Test network connectivity:
-   ```bash
-   nc -zv minio.example.internal 9000
-   ```
-
-2. Test with curl:
-   ```bash
-   curl -I http://minio.example.internal:9000/minio/health/live
-   ```
-
-3. Check SSL settings in config match MinIO setup:
-   ```yaml
-   storage:
-     use_ssl: true  # or false
-   ```
-
 ### Health Check Fails
 
 ```bash
@@ -345,7 +319,9 @@ curl -v http://localhost:8080/ready
 
 # If ready fails but health passes, check external services
 psql -h psql.example.internal -U silo -d silo -c 'SELECT 1'
-curl http://minio.example.internal:9000/minio/health/live
+
+# Check file storage directory
+ls -la /opt/silo/data
 ```
 
 ### Build Fails
@@ -460,10 +436,9 @@ sudo systemctl reload nginx
 
 - [ ] `/etc/silo/silod.env` has mode 600 (`chmod 600`)
 - [ ] Database password is strong and unique
-- [ ] MinIO credentials are specific to silo (not admin)
 - [ ] SSL/TLS enabled for PostgreSQL (`sslmode: require`)
-- [ ] SSL/TLS enabled for MinIO (`use_ssl: true`) if available
 - [ ] HTTPS enabled via nginx reverse proxy
+- [ ] File storage directory (`/opt/silo/data`) owned by `silo` user with mode 750
 - [ ] Silod listens on localhost only (`host: 127.0.0.1`)
 - [ ] Firewall allows only ports 80, 443 (not 8080)
 - [ ] Service runs as non-root `silo` user