docs: add resource limits guide for low-RAM devices

- README: new section explaining WG_MEM_LIMIT / WG_MEMSWAP_LIMIT with
  per-RAM-tier values and host swap configuration for SBC boards
- CLAUDE.md: simplify resource limits table, drop device-specific
  measurements, reference README for per-board guidance
- .env.example: update comments with per-tier values and OOM warning

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

CLAUDE.md

@@ -60,12 +60,12 @@ Affects mostly SBC boards with custom BSP kernels, but can occur on any host whe
 
 The `wg-init` service handles this automatically: it runs `modprobe ip6_tables ip6table_nat` (with `SYS_MODULE` cap and `/lib/modules` bind-mounted read-only) before wg-easy starts. Failures are silenced (`|| true`) so the setup works on kernels where these modules are built-in or unavailable.
 
-**Resource limits** (`docker-compose.yml`):
+**Resource limits** (override via `.env`):
 
-| Variable | Default | Purpose |
+| Variable | Default | Notes |
 |---|---|---|
-| `WG_MEM_LIMIT` | `256m` | Hard memory cap for wg-easy |
-| `WG_MEMSWAP_LIMIT` | `256m` | Disables swap (swap = mem limit) |
-| `WG_CPUS` | `1.0` | CPU share (1 core) |
+| `WG_MEM_LIMIT` | `256m` | Hard cap for the wg-easy container |
+| `WG_MEMSWAP_LIMIT` | `256m` | Keep equal to `WG_MEM_LIMIT` to disable container swap |
+| `WG_CPUS` | `1.0` | `0.75` on single-core boards (Pi Zero, Pi 1) |
 
-Lower `WG_MEM_LIMIT` to `128m` on boards with less than 1 GB RAM. Do not set it below `96m` or the Node.js runtime will OOM-kill on startup.
+The limit exists to prevent Node.js from slowly growing over long uptime and triggering the host OOM-killer (symptom: SSH becomes unreachable). Do not go below `96m` or the runtime OOM-kills on startup. See README §Dispositivi a risorse limitate for per-board guidance and swap configuration.