fix: address review findings for backup management

- HIGH: Add sync.Mutex to backup Engine to prevent concurrent
  backup/restore operations
- HIGH: Restore uses io.Copy instead of ReadFile to avoid OOM on
  large databases
- HIGH: Send HTTP response before closing DB during restore, then
  perform destructive operations in a goroutine
- HIGH: Create pre-restore safety backup before overwriting database
- HIGH: Autobackup cron reschedules dynamically when settings change
  via callback pattern (same as DNS provider changes)

internal/api/router.go

@@ -42,9 +42,10 @@ type Server struct {
 	dnsProvider          dns.Provider
 	onDNSProviderChanged DNSProviderChangedFunc
 
-	backupEngine *backup.Engine
-	dbPath       string
-	shutdownFunc func() // called after restore to trigger graceful shutdown
+	backupEngine         *backup.Engine
+	dbPath               string
+	shutdownFunc         func()                    // called after restore to trigger graceful shutdown
+	onBackupSettingsChanged func(enabled bool, intervalHours int) // called when backup settings change
 }
 
 // NewServer creates a new API Server with all required dependencies.
@@ -106,6 +107,11 @@ func (s *Server) SetShutdownFunc(fn func()) {
 	s.shutdownFunc = fn
 }
 
+// SetBackupSettingsChangedCallback sets the callback for when backup settings change.
+func (s *Server) SetBackupSettingsChangedCallback(fn func(enabled bool, intervalHours int)) {
+	s.onBackupSettingsChanged = fn
+}
+
 // SetDNSProvider sets the current DNS provider on the server.
 func (s *Server) SetDNSProvider(provider dns.Provider) {
 	s.dnsProviderMu.Lock()