Initial scaffold: README, distcc-avahi PKGBUILD, CI stub

- README documents repo layout, client setup (Arch+Debian),
  signing-key fingerprint, and infra TODOs.
- arch/distcc-avahi/: ALARM distcc PKGBUILD with --with-avahi,
  avahi dep, distccd.service + conf.d + tmpfiles.
- .gitea/workflows/build.yml: placeholder with wiring sketch
  for the real pipeline (runners, signing, scp publish).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.gitea/workflows/build.yml

@@ -0,0 +1,50 @@
+name: build and publish packages
+
+# STUB — wired in a follow-up session. Current design sketch:
+#
+#   jobs:
+#     arch-aarch64:
+#       runs-on: [self-hosted, alarm, aarch64]
+#       steps:
+#         - uses: actions/checkout@v4
+#         - name: makepkg
+#           run: |
+#             cd arch/distcc-avahi
+#             makepkg --nocheck --noconfirm --syncdeps
+#         - name: import signing key
+#           env:
+#             KEY: ${{ secrets.MARFRIT_REPO_PRIVATE_KEY }}
+#             PASS: ${{ secrets.MARFRIT_REPO_PASSPHRASE }}
+#           run: |
+#             echo "$KEY" | gpg --import
+#             echo "$PASS" > /tmp/pass
+#         - name: sign package
+#           run: |
+#             gpg --batch --pinentry-mode loopback --passphrase-file /tmp/pass \
+#                 --detach-sign --yes arch/distcc-avahi/*.pkg.tar.zst
+#         - name: publish to packages.reauktion.de
+#           env:
+#             SSH_KEY: ${{ secrets.MARFRIT_REPO_DEPLOY_KEY }}
+#           run: |
+#             mkdir -p ~/.ssh && echo "$SSH_KEY" > ~/.ssh/id_ed25519
+#             chmod 600 ~/.ssh/id_ed25519
+#             scp arch/distcc-avahi/*.pkg.tar.zst{,.sig} \
+#                 mfritsche@nc.reauktion.de:/srv/packages/arch/aarch64/
+#             # Regenerate db remotely (on an aarch64 runner with pacman):
+#             ssh mfritsche@nc.reauktion.de 'cd /srv/packages/arch/aarch64 && \
+#                 repo-add --sign --key 92D5E96D8F63C75E4116AA1FF5C8C4603D0D250C \
+#                 marfrit.db.tar.gz *.pkg.tar.zst'
+#
+# Runner requirements:
+#   - feynman (CT115 on data) currently has the Actions runner for ARM
+#     bare-metal builds. For ALARM packages we'd want either:
+#       (a) a dedicated ALARM runner container, OR
+#       (b) makechrootpkg inside feynman with an ALARM pacstrap.
+#   - x86_64 Arch runner: can live on any nuccie.
+#   - Debian runners: debootstrap bookworm/trixie for each arch.
+on: workflow_dispatch
+jobs:
+  placeholder:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo "build pipeline not yet wired — see file header"