chore: refactor setup scrpts (#288)

* refactor setup scrpts

* update docker compose to use dograh-init

* avoid creating unnecessary conf files

* fix local setup script

* add agents.md

docs/deployment/update.mdx

@@ -37,8 +37,8 @@ Always update **`dograh-api`** and **`dograh-ui`** to the **same tag**. The two
 
 - Asks for a target version (defaults to the latest release tag on GitHub).
 - Pulls `docker-compose.yaml` at that version and pins both `api` and `ui` images to it.
-- Regenerates `nginx.conf` and `turnserver.conf` from the upstream templates, so newer features (like [multi-worker scaling](/deployment/scaling)) are wired up correctly without manual editing.
-- Reads your existing `.env` and appends any new required keys with safe defaults — your `OSS_JWT_SECRET`, `TURN_SECRET`, and other values are never touched.
+- Refreshes the remote helper bundle (`remote_up.sh` plus shared templates/helpers).
+- Synchronizes the canonical remote keys in `.env` and validates the runtime config that `dograh-init` will render from it.
 - Backs up every file it changes with a `.bak.<timestamp>` suffix.
 
 From your install directory:
@@ -55,15 +55,14 @@ You'll be prompted for the target version, defaulting to the most recent release
 TARGET_VERSION=1.28.0 DOGRAH_UPDATE_YES=1 bash update_remote.sh
 ```
 
-After the script finishes, apply the update by recreating the stack:
+After the script finishes, apply the update through the validated startup wrapper:
 
 ```bash
-sudo docker compose --profile remote down
-sudo docker compose --profile remote up -d --pull always
+./remote_up.sh
 ```
 
 <Note>
-The script overwrites `docker-compose.yaml`, `nginx.conf`, and `turnserver.conf` from upstream templates. If you've made local edits to any of these (extra environment variables, custom ports, modified nginx routes), check the `.bak.<timestamp>` files after the update and re-apply your edits.
+The script overwrites `docker-compose.yaml` and the remote helper bundle (`remote_up.sh`, `scripts/run_dograh_init.sh`, `scripts/lib/setup_common.sh`, and `deploy/templates/*`) from the shared upstream deployment bundle. If you've made local edits to any of these, check the `.bak.<timestamp>` files after the update and re-apply your edits.
 </Note>
 
 ## Local deployment
@@ -100,11 +99,10 @@ curl http://localhost:8000/api/v1/health           # local
 
 ```bash
 cd dograh
-for f in docker-compose.yaml nginx.conf turnserver.conf .env; do
+for f in docker-compose.yaml nginx.conf turnserver.conf .env remote_up.sh scripts/run_dograh_init.sh scripts/lib/setup_common.sh deploy/templates/nginx.remote.conf.template deploy/templates/turnserver.remote.conf.template; do
     [[ -f "$f.bak.<timestamp>" ]] && cp "$f.bak.<timestamp>" "$f"
 done
-sudo docker compose --profile remote down
-sudo docker compose --profile remote up -d
+./remote_up.sh
 ```
 
 Your Postgres data volume persists across `down`/`up` cycles, so agents and call history are preserved.
@@ -138,6 +136,6 @@ sudo docker compose --profile remote up -d
 If you update the `pipecat` submodule, you **must** run `git submodule update --init --recursive` before rebuilding, or the Docker build will not pick up `pipecat` changes.
 </Warning>
 
-If you maintain a fork with local customizations on top of upstream, merging conflicts in `docker-compose.yaml`, `nginx.conf`, `turnserver.conf`, or `setup_remote.sh` is up to you — resolve them as you would any other git merge. Leave `OSS_JWT_SECRET` and `TURN_SECRET` in `.env` unchanged across updates to preserve sessions and WebRTC auth.
+If you maintain a fork with local customizations on top of upstream, merging conflicts in `docker-compose.yaml`, `remote_up.sh`, `scripts/run_dograh_init.sh`, `deploy/templates/*`, or `setup_remote.sh` is up to you — resolve them as you would any other git merge. Leave `OSS_JWT_SECRET` and `TURN_SECRET` in `.env` unchanged across updates to preserve sessions and WebRTC auth.
 
 The same migration warning above applies: rolling back across a schema change can leave the DB in a state the older API can't read.