Defer follower proxy startup until after sync

[baelter]

Summary

• Move proxy creation and startup from Clustering::Client#initialize to after the first sync() completes in follow()
• Proxies are only created once (a proxies_started flag prevents re-creation on reconnect)

Motivation

During initial sync the leader is already under load transferring the full data set to the new follower. If the proxy ports are open during this window, clients can connect through the follower and add more work to the leader at the worst possible time. Deferring the proxies until sync is complete means the follower only starts accepting traffic once it is caught up.

Test plan

• make lint passes
• Existing clustering specs unaffected (all use proxy: false)
• Manual test: start a follower, verify ports are not open until sync completes

[claude]

Code Review

No issues found.

The change correctly defers proxy startup until after the first successful replication sync, preventing clients from connecting to a follower that hasn't synchronized yet. The implementation is clean:

• The local proxies_started flag properly gates proxy creation to a single invocation.
• Crystal's cooperative scheduling means no yield points exist within start_proxies, so close always sees consistent proxy instance variable state.
• The IO::Error rescue in the follow loop correctly covers socket bind errors from Proxy.new (via Socket::BindError < Socket::Error < IO::Error).
• The AMQP proxy header flag (true third arg to forward_to) is preserved correctly.