fix: handle permission denied on backup directory

The backups directory may have been created by Docker/root, making it
unwritable by the deploy user. The script now detects this and attempts
to fix permissions automatically (chmod, then sudo chown as fallback).

Also added shared/db/backups to .gitignore.

.gitignore

@@ -3,6 +3,7 @@ node_modules
 docker-compose.override.yml
 shared/db-logs
 shared/db/data
+shared/db/backups
 shared/db/loga
 .cursor
 # dependencies (bun install)

shared/scripts/db-backup.sh

@@ -29,6 +29,16 @@ echo -e "${YELLOW}💾 Starting database backup...${NC}"
 
 mkdir -p "$BACKUP_DIR"
 
+# Ensure the backup directory is writable (may have been created by Docker/root)
+if [ ! -w "$BACKUP_DIR" ]; then
+  echo -e "  ${YELLOW}⚠️  Fixing backup directory permissions...${NC}"
+  chmod u+w "$BACKUP_DIR" 2>/dev/null || sudo chown "$(whoami)" "$BACKUP_DIR" 2>/dev/null || {
+    echo -e "  ${RED}✗${NC} Cannot write to $BACKUP_DIR"
+    echo "  Run: sudo chown $(whoami) $BACKUP_DIR"
+    exit 1
+  }
+fi
+
 if docker ps | grep -q aurora_db; then
   # Try to dump the database
   if docker exec aurora_db pg_dump -U "${DB_USER:-auroradev}" "${DB_NAME:-auroradev}" > "$BACKUP_FILE"; then