docs: add HTTP transport documentation

Update README.md:
- Add HTTP transport usage section with examples
- Document HTTP endpoints (POST/GET/DELETE)
- Add HTTP-related NixOS module options to the table

Update CLAUDE.md:
- Update protocol description to include HTTP/SSE
- Add new transport files to repository structure
- Add Transports section explaining STDIO vs HTTP
- Add HTTP security hardening details
- Update CLI commands with HTTP transport examples

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

CLAUDE.md

@@ -15,7 +15,7 @@ The first MCP server provides search and query capabilities for NixOS configurat
 - **Language**: Go 1.24+
 - **Build System**: Nix flakes
 - **Databases**: PostgreSQL and SQLite (both fully supported)
-- **Protocol**: MCP (Model Context Protocol) - JSON-RPC over stdio
+- **Protocol**: MCP (Model Context Protocol) - JSON-RPC over STDIO or HTTP/SSE
 - **Module Path**: `git.t-juice.club/torjus/labmcp`
 
 ## Project Status
@@ -42,10 +42,14 @@ labmcp/
 │   │   ├── sqlite.go           # SQLite implementation
 │   │   └── *_test.go           # Database tests
 │   ├── mcp/
-│   │   ├── server.go           # MCP server loop
+│   │   ├── server.go           # MCP server core
 │   │   ├── handlers.go         # Tool implementations
 │   │   ├── types.go            # Protocol types
-│   │   └── server_test.go      # MCP tests
+│   │   ├── transport.go        # Transport interface
+│   │   ├── transport_stdio.go  # STDIO transport
+│   │   ├── transport_http.go   # HTTP/SSE transport
+│   │   ├── session.go          # HTTP session management
+│   │   └── *_test.go           # MCP tests
 │   └── nixos/
 │       ├── indexer.go          # Nixpkgs indexing
 │       ├── parser.go           # options.json parsing
@@ -91,24 +95,41 @@ All tools are implemented and functional:
 - File indexing enabled by default (use `--no-files` to skip)
 - Skips already-indexed revisions (use `--force` to re-index)
 
+### Transports
+- **STDIO**: Default transport, line-delimited JSON-RPC (for CLI/desktop MCP clients)
+- **HTTP**: Streamable HTTP transport with SSE (for web-based MCP clients)
+  - Session management with cryptographically secure IDs
+  - Configurable CORS (localhost-only by default)
+  - Optional TLS support
+  - SSE keepalive messages (15s default)
+
 ### Security
 - Revision parameter validated against strict regex to prevent Nix injection
 - Path traversal protection using `filepath.Clean()` and `filepath.IsAbs()`
 - NixOS module supports `connectionStringFile` for PostgreSQL secrets
 - Systemd service runs with extensive hardening options
+- HTTP transport hardening:
+  - Request body size limit (1MB default)
+  - Server timeouts (read: 30s, write: 30s, idle: 120s, header: 10s)
+  - Maximum session limit (10,000 default)
+  - Origin validation for CORS
 
 ## CLI Commands
 
 ```bash
-nixos-options serve              # Run MCP server on stdio
-nixos-options index <revision>   # Index a nixpkgs revision
-nixos-options index --force <r>  # Force re-index existing revision
-nixos-options index --no-files   # Skip file content indexing
-nixos-options list               # List indexed revisions
-nixos-options search <query>     # Search options
-nixos-options get <option>       # Get option details
-nixos-options delete <revision>  # Delete indexed revision
-nixos-options --version          # Show version
+nixos-options serve                    # Run MCP server on STDIO (default)
+nixos-options serve --transport http   # Run MCP server on HTTP
+nixos-options serve --transport http \
+  --http-address 0.0.0.0:8080 \
+  --allowed-origins https://example.com  # HTTP with custom config
+nixos-options index <revision>         # Index a nixpkgs revision
+nixos-options index --force <r>        # Force re-index existing revision
+nixos-options index --no-files         # Skip file content indexing
+nixos-options list                     # List indexed revisions
+nixos-options search <query>           # Search options
+nixos-options get <option>             # Get option details
+nixos-options delete <revision>        # Delete indexed revision
+nixos-options --version                # Show version
 ```
 
 ## Notes for Claude