Configure for local dev with Docker Compose

.gitignore

@@ -31,3 +31,6 @@ gc_index_relay-*.tar
 
 # Secrets -- copy from .env.example and fill in values
 .env
+
+# Local Postgres data
+/pgdata/

compose.yaml

@@ -0,0 +1,91 @@
+services:
+  postgres:
+    image: docker.io/apache/age:release_PG17_1.6.0
+    container_name: postgress_01
+    restart: unless-stopped
+    user: 1000:1000 # Should match host user
+    ports:
+      - "5432:5432"
+    volumes:
+      - ./pgdata:/var/lib/postgresql/data # Ensure host user owns the ./pgdata directory
+    environment:
+      POSTGRES_DB: ${POSTGRES_DB}
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+    command: >
+      postgres
+    deploy:
+      resources:
+        limits:
+          cpus: "1.00"
+          memory: 1G
+        reservations:
+          cpus: "0.50"
+          memory: 512M
+    security_opt:
+      - no-new-privileges:true
+    cap_drop:
+      - ALL
+    cap_add:
+      - CHOWN
+      - FOWNER
+      - SETUID
+      - SETGID
+    read_only: false
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+  setup:
+    build:
+      context: .
+      dockerfile: ./docker/setup.Dockerfile
+    command: ["/usr/local/bin/usersetup.sh"]
+    restart: no
+    depends_on:
+      postgres:
+        condition: service_healthy
+    environment:
+      POSTGRES_HOST: ${POSTGRES_HOST}
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_DB: ${POSTGRES_DB}
+      POSTGRES_RUNTIME_USER: ${POSTGRES_RUNTIME_USER}
+      POSTGRES_RUNTIME_PASSWORD: ${POSTGRES_RUNTIME_PASSWORD}
+
+  migrator:
+    build:
+      context: .
+      dockerfile: ./docker/server.Dockerfile
+    command: ["/app/bin/migrate"]
+    restart: no
+    depends_on:
+      postgres:
+        condition: service_healthy
+      setup:
+        condition: service_completed_successfully
+    environment:
+      DATABASE_URL: "ecto://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}/${POSTGRES_DB}"
+      SECRET_KEY_BASE: ${SECRET_KEY_BASE}
+
+  isidore:
+    build:
+      context: .
+      dockerfile: ./docker/server.Dockerfile
+    command: ["/app/bin/server"]
+    restart: unless-stopped
+    depends_on:
+      postgres:
+        condition: service_healthy
+      migrator:
+        condition: service_completed_successfully
+    ports:
+      - "4000:4000"
+    environment:
+      DATABASE_URL: "ecto://${POSTGRES_RUNTIME_USER}:${POSTGRES_RUNTIME_PASSWORD}@${POSTGRES_HOST}/${POSTGRES_DB}"
+      SECRET_KEY_BASE: ${SECRET_KEY_BASE}
+
+volumes:
+  pgdata:

docker/server.Dockerfile

@@ -7,7 +7,7 @@ ARG DEBIAN_VERSION=trixie-20260202-slim
 ARG BUILDER_IMAGE="hexpm/elixir:${ELIXIR_VERSION}-erlang-${OTP_VERSION}-debian-${DEBIAN_VERSION}"
 ARG RUNNER_IMAGE="debian:${DEBIAN_VERSION}"
 
-FROM ${BUILDER_IMAGE} as builder
+FROM ${BUILDER_IMAGE} AS builder
 
 # Set the locale
 ENV LANG=en_US.UTF-8
@@ -68,9 +68,9 @@ RUN apt-get update && \
 # Set the runtime locale
 RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
     locale-gen
-ENV LANG en_US.UTF-8
-ENV LANGUAGE en_US:en
-ENV LC_ALL en_US.UTF-8
+ENV LANG=en_US.UTF-8
+ENV LANGUAGE=en_US:en
+ENV LC_ALL=en_US.UTF-8
 
 # Transfer ownership of the app directory to the runtime user
 WORKDIR "/app"

docker/setup.Dockerfile

@@ -0,0 +1,12 @@
+ARG DEBIAN_VERSION=trixie-20260202-slim
+
+FROM debian:${DEBIAN_VERSION}
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends postgresql-client \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY ./docker/usersetup.sh /usr/local/bin/usersetup.sh
+RUN chmod +x /usr/local/bin/usersetup.sh
+
+ENTRYPOINT ["/usr/local/bin/usersetup.sh"]

docker/usersetup.sh

@@ -0,0 +1,35 @@
+#!/bin/sh
+set -eu
+
+export PGPASSWORD="${POSTGRES_PASSWORD}"
+
+echo "Waiting for PostgreSQL at ${POSTGRES_HOST}..."
+until psql -h "${POSTGRES_HOST}" -U "${POSTGRES_USER}" -d "${POSTGRES_DB}" -c '\q' 2>/dev/null; do
+    echo "  not ready, retrying in 2s..."
+    sleep 2
+done
+echo "PostgreSQL is ready."
+
+USER_EXISTS=$(psql -h "${POSTGRES_HOST}" -U "${POSTGRES_USER}" -tAc \
+    "SELECT 1 FROM pg_roles WHERE rolname = '${POSTGRES_RUNTIME_USER}'")
+
+if [ "${USER_EXISTS}" != "1" ]; then
+    echo "Creating user '${POSTGRES_RUNTIME_USER}'..."
+    psql -h "${POSTGRES_HOST}" -U "${POSTGRES_USER}" \
+        -c "CREATE USER \"${POSTGRES_RUNTIME_USER}\" WITH PASSWORD '${POSTGRES_RUNTIME_PASSWORD}'"
+else
+    echo "User '${POSTGRES_RUNTIME_USER}' already exists, ensuring password is current..."
+    psql -h "${POSTGRES_HOST}" -U "${POSTGRES_USER}" \
+        -c "ALTER USER \"${POSTGRES_RUNTIME_USER}\" WITH PASSWORD '${POSTGRES_RUNTIME_PASSWORD}'"
+fi
+
+echo "Granting privileges on '${POSTGRES_DB}'..."
+psql -h "${POSTGRES_HOST}" -U "${POSTGRES_USER}" -d "${POSTGRES_DB}" \
+    -c "GRANT CONNECT ON DATABASE \"${POSTGRES_DB}\" TO \"${POSTGRES_RUNTIME_USER}\";" \
+    -c "GRANT USAGE ON SCHEMA public TO \"${POSTGRES_RUNTIME_USER}\";" \
+    -c "GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"${POSTGRES_RUNTIME_USER}\";" \
+    -c "GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO \"${POSTGRES_RUNTIME_USER}\";" \
+    -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO \"${POSTGRES_RUNTIME_USER}\";" \
+    -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT USAGE, SELECT ON SEQUENCES TO \"${POSTGRES_RUNTIME_USER}\";"
+
+echo "Done. User '${POSTGRES_RUNTIME_USER}' has read/write access to '${POSTGRES_DB}'."

rel/overlays/bin/server

@@ -3,8 +3,5 @@ set -eu
 
 cd -P -- "$(dirname -- "$0")"
 
-# Run migrations before starting the server
-./gc_index_relay eval "GcIndexRelay.Release.migrate"
-
 # Start the server
 PHX_SERVER=true exec ./gc_index_relay start