services: postgres: image: docker.io/apache/age:release_PG17_1.6.0 container_name: postgress_01 restart: unless-stopped user: 1000:1000 # Should match host user ports: - "5432:5432" volumes: - ./pgdata:/var/lib/postgresql/data # Ensure host user owns the ./pgdata directory environment: POSTGRES_DB: ${POSTGRES_DB} POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} command: > postgres deploy: resources: limits: cpus: "1.00" memory: 1G reservations: cpus: "0.50" memory: 512M security_opt: - no-new-privileges:true cap_drop: - ALL cap_add: - CHOWN - FOWNER - SETUID - SETGID read_only: false healthcheck: test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"] interval: 10s timeout: 5s retries: 5 setup: build: context: . dockerfile: ./docker/setup.Dockerfile command: ["/usr/local/bin/usersetup.sh"] restart: no depends_on: postgres: condition: service_healthy environment: POSTGRES_HOST: ${POSTGRES_HOST} POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_DB: ${POSTGRES_DB} POSTGRES_RUNTIME_USER: ${POSTGRES_RUNTIME_USER} POSTGRES_RUNTIME_PASSWORD: ${POSTGRES_RUNTIME_PASSWORD} migrator: build: context: . dockerfile: ./docker/server.Dockerfile command: ["/app/bin/migrate"] restart: no depends_on: postgres: condition: service_healthy setup: condition: service_completed_successfully environment: DATABASE_URL: "ecto://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}/${POSTGRES_DB}" SECRET_KEY_BASE: ${SECRET_KEY_BASE} mercury: build: context: . dockerfile: ./docker/server.Dockerfile command: ["/app/bin/server"] restart: unless-stopped depends_on: postgres: condition: service_healthy migrator: condition: service_completed_successfully ports: - "4000:4000" environment: DATABASE_URL: "ecto://${POSTGRES_RUNTIME_USER}:${POSTGRES_RUNTIME_PASSWORD}@${POSTGRES_HOST}/${POSTGRES_DB}" SECRET_KEY_BASE: ${SECRET_KEY_BASE} volumes: pgdata: