- Security improvements: set -euo pipefail, secure .env loading, safe PGPASSWORD handling
- Add comprehensive logging to ./logs/ directory for all operations
- Implement SHA256 checksums for backup integrity verification
- Add lock file mechanism to prevent concurrent backups
- Improve error handling with detailed exit codes and cleanup functions
- Add safety backup of current DB before restore operations
- Backup docker-compose.yml before updates with auto-restore on failure
- Replace wget with curl for better reliability in health checks
- Use find -mindepth for safer data directory cleanup
- Add progress indicators with file sizes and operation statistics
- Validate paths and checksums before restore operations
- All operations now log to timestamped files with full traceability
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
eff651e720