fix: address review findings for backup management

- HIGH: Add sync.Mutex to backup Engine to prevent concurrent
  backup/restore operations
- HIGH: Restore uses io.Copy instead of ReadFile to avoid OOM on
  large databases
- HIGH: Send HTTP response before closing DB during restore, then
  perform destructive operations in a goroutine
- HIGH: Create pre-restore safety backup before overwriting database
- HIGH: Autobackup cron reschedules dynamically when settings change
  via callback pattern (same as DNS provider changes)

internal/backup/engine.go

@@ -5,6 +5,7 @@ import (
 	"log/slog"
 	"os"
 	"path/filepath"
+	"sync"
 	"time"
 
 	"github.com/alexei/docker-watcher/internal/store"
@@ -12,6 +13,7 @@ import (
 
 // Engine manages database backup operations.
 type Engine struct {
+	mu        sync.Mutex
 	store     *store.Store
 	dbPath    string
 	backupDir string
@@ -38,6 +40,9 @@ func (e *Engine) BackupDir() string {
 // CreateBackup creates a new database backup using VACUUM INTO.
 // Returns the backup metadata record.
 func (e *Engine) CreateBackup(backupType string) (store.Backup, error) {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+
 	timestamp := time.Now().UTC().Format("20060102-150405")
 	filename := fmt.Sprintf("docker-watcher-%s-%s.db", backupType, timestamp)
 	destPath := filepath.Join(e.backupDir, filename)