diagnose and fix: removed rm for skymoney data in deploy)

scripts/guard-prod-volume.sh

@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+VOLUME_NAME="${PROD_DB_VOLUME_NAME:-skymoney_pgdata}"
+ALLOW_EMPTY="${ALLOW_EMPTY_PROD_VOLUME:-0}"
+DOCKER_CMD="${DOCKER_CMD:-docker}"
+
+if ! $DOCKER_CMD volume inspect "$VOLUME_NAME" >/dev/null 2>&1; then
+  if [[ "$ALLOW_EMPTY" == "1" ]]; then
+    echo "WARN: volume '$VOLUME_NAME' is missing, but ALLOW_EMPTY_PROD_VOLUME=1; continuing."
+    exit 0
+  fi
+  echo "ERROR: required volume '$VOLUME_NAME' does not exist."
+  echo "Refusing deploy because this can indicate destructive data loss (e.g., volume deletion)."
+  echo "If this is an intentional first-time init, set ALLOW_EMPTY_PROD_VOLUME=1 for one run."
+  exit 1
+fi
+
+if $DOCKER_CMD run --rm -v "${VOLUME_NAME}:/var/lib/postgresql/data" alpine sh -lc "test -f /var/lib/postgresql/data/PG_VERSION"; then
+  echo "Production volume guard passed: '$VOLUME_NAME' contains PostgreSQL data."
+  exit 0
+fi
+
+if [[ "$ALLOW_EMPTY" == "1" ]]; then
+  echo "WARN: volume '$VOLUME_NAME' is empty/uninitialized, but ALLOW_EMPTY_PROD_VOLUME=1; continuing."
+  exit 0
+fi
+
+echo "ERROR: volume '$VOLUME_NAME' exists but appears empty/uninitialized (missing PG_VERSION)."
+echo "Refusing deploy to prevent silent database re-initialization."
+echo "If this is an intentional rebuild, set ALLOW_EMPTY_PROD_VOLUME=1 for one run."
+exit 1