fix: use named volume for production PostgreSQL to prevent data loss

Two issues caused DB reset on every deploy:

1. docker-compose.prod.yml used bind mount (./data/postgres) with
   PostgreSQL 18's incompatible /var/lib/postgresql/data path.

2. The Gitea CI runner shares Docker socket with the host, but
   ./data/postgres resolves to a temp path inside the runner container.
   Each deploy creates a fresh workspace, so the bind mount always
   points to an empty directory on the host.

Fix: Use a named Docker volume (same as docker-compose.yml dev config).
Named volumes are managed by Docker daemon directly, survive container
recreation, and don't depend on working directory resolution.

Also fix deploy.yml: remove unnecessary mkdir for data dirs, write
backup to /tmp instead of relative path.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.gitea/workflows/deploy.yml

@@ -39,14 +39,8 @@ jobs:
 
       - name: Backup database before deploy
         run: |
-          mkdir -p ./data/backups
           docker exec galaxis-po-db pg_dump -U ${{ secrets.DB_USER }} ${{ secrets.DB_NAME }} \
-            > ./data/backups/$(date +%Y%m%d_%H%M%S).sql 2>/dev/null || true
+            > /tmp/galaxis-po-backup-$(date +%Y%m%d_%H%M%S).sql 2>/dev/null || true
-
-      - name: Ensure data directories exist
-        run: |
-          mkdir -p ./data/postgres
-          mkdir -p ./data/backups
 
       - name: Deploy with Docker Compose
         run: |

docker-compose.prod.yml

@@ -1,5 +1,11 @@
 # Production Docker Compose
 # Usage: docker compose -f docker-compose.prod.yml up -d
+#
+# DB data is stored in a named volume (galaxis-po_postgres_data).
+# This survives container recreation and avoids path resolution issues
+# when deploying via CI runners with shared Docker sockets.
+# To back up: docker exec galaxis-po-db pg_dump -U $DB_USER $DB_NAME > backup.sql
+# Volume is only removed with: docker volume rm galaxis-po_postgres_data
 
 services:
   postgres:
@@ -10,7 +16,7 @@ services:
       POSTGRES_PASSWORD: ${DB_PASSWORD}
       POSTGRES_DB: ${DB_NAME}
     volumes:
-      - ./data/postgres:/var/lib/postgresql/data
+      - postgres_data:/var/lib/postgresql
     healthcheck:
       test: ["CMD-SHELL", "pg_isready -U ${DB_USER} -d ${DB_NAME}"]
       interval: 5s
@@ -63,3 +69,7 @@ services:
 networks:
   galaxy-net:
     driver: bridge
+
+volumes:
+  postgres_data:
+    driver: local