refactor: 完成静态网站转换，移除所有 CMS 和动态功能

- 删除数据库相关代码 (src/db/)
- 删除 API 路由 (src/app/api/)
- 删除认证相关代码 (src/lib/auth/, src/providers/)
- 删除监控和安全中间件 (src/lib/security/, src/lib/monitoring/)
- 删除 hooks (use-news, use-products, use-services)
- 更新组件为静态数据源
- 添加 nginx 静态配置和部署脚本
- 添加 static-link 组件

nginx-static.conf

@@ -0,0 +1,100 @@
+# Novalon 静态站点 Nginx 配置
+# 用法：替换现有 nginx.conf，然后 nginx -t && nginx -s reload
+
+server {
+    listen 80;
+    server_name novalon.cn www.novalon.cn;
+    return 301 https://www.novalon.cn$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name novalon.cn www.novalon.cn;
+
+    # SSL 证书配置
+    ssl_certificate /etc/nginx/ssl/fullchain.pem;
+    ssl_certificate_key /etc/nginx/ssl/privkey.pem;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
+    # 静态文件根目录
+    root /var/www/novalon;
+    index index.html;
+
+    # Gzip 压缩
+    gzip on;
+    gzip_vary on;
+    gzip_proxied any;
+    gzip_comp_level 6;
+    gzip_min_length 256;
+    gzip_types
+        text/plain
+        text/css
+        text/xml
+        text/javascript
+        application/json
+        application/javascript
+        application/xml
+        application/rss+xml
+        image/svg+xml;
+
+    # 安全头
+    add_header X-DNS-Prefetch-Control "on" always;
+    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header Referrer-Policy "origin-when-cross-origin" always;
+    add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
+
+    # 静态资源长期缓存（带内容哈希的文件）
+    location /_next/static/ {
+        expires 1y;
+        add_header Cache-Control "public, max-age=31536000, immutable";
+        # 安全头需要重新添加（location 块会覆盖 server 级别的 add_header）
+        add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        try_files $uri =404;
+    }
+
+    # 字体文件缓存
+    location /fonts/ {
+        expires 1y;
+        add_header Cache-Control "public, max-age=31536000, immutable";
+        add_header Access-Control-Allow-Origin "*";
+        add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
+        try_files $uri =404;
+    }
+
+    # 图片文件缓存
+    location ~* \.(svg|jpg|jpeg|png|gif|webp|avif|ico)$ {
+        expires 1y;
+        add_header Cache-Control "public, max-age=31536000, immutable";
+        add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
+        try_files $uri =404;
+    }
+
+    # Let's Encrypt ACME challenge
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+        try_files $uri =404;
+    }
+
+    # Next.js 静态导出的页面路由
+    # /about -> /about.html 或 /about/index.html
+    location / {
+        try_files $uri $uri.html $uri/ /404.html;
+    }
+
+    # 自定义 404 页面
+    error_page 404 /404.html;
+
+    # 优化文件传输
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+}