fix: address review feedback for backup infrastructure

- compose.yaml: rewrite db-backup to use heredoc script instead of inline
cron command, fixing date escaping and adding temp-file pipeline for
reliable error detection
- compose.yaml: fix pipefail issue by writing pg_dump to tmp file before
compression and rotation
- restore.sh: pass PGPASSWORD explicitly via docker compose exec -e
- restore.sh: use ". .env" with set -a/+a instead of fragile xargs export

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

scripts/restore.sh

@@ -11,7 +11,10 @@ PROJECT_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"
 # Check required env
 if [ -z "${POSTGRES_PASSWORD:-}" ]; then
     if [ -f "${PROJECT_ROOT}/.env" ]; then
-        export $(grep -v '^#' "${PROJECT_ROOT}/.env" | xargs) 2>/dev/null || true
+        # shellcheck source=/dev/null
+        set -a
+        . "${PROJECT_ROOT}/.env"
+        set +a
     fi
 fi
 
@@ -57,12 +60,14 @@ echo ""
 echo "Restoring database from ${BACKUP_FILE}..."
 
 # Restore using docker compose exec to leverage the running postgres container
-docker compose -f "${PROJECT_ROOT}/compose.yaml" exec -T db psql \
+COMPOSE_ARGS="-f ${PROJECT_ROOT}/compose.yaml"
+
+docker compose ${COMPOSE_ARGS} exec -T -e PGPASSWORD="${POSTGRES_PASSWORD}" db psql \
     -U gmrelay \
     -d gmrelay_db \
     -c "DROP SCHEMA public CASCADE; CREATE SCHEMA public;" 2>/dev/null || true
 
-gunzip -c "${BACKUP_FILE}" | docker compose -f "${PROJECT_ROOT}/compose.yaml" exec -T db psql \
+gunzip -c "${BACKUP_FILE}" | docker compose ${COMPOSE_ARGS} exec -T -e PGPASSWORD="${POSTGRES_PASSWORD}" db psql \
     -U gmrelay \
     -d gmrelay_db