set up the postgres containers properly

I just learned this is how you're actually supposed to do it in order to
mimic a real deployment as closely as possible. If you read the
documentation for this docker image, you'll find that the user created
via `POSTGRES_USER` has `SUPERUSER` rights. Generally, real deployments
don't and shouldn't have this set for the database user of random
services (such as Lemmy).

The proper way to do this is to use the defaults and add an init script
that adds the actual service user and database to this specific
directory. This results in the Lemmy service user not having
`SUPERUSER`, which ensures that future migrations aren't written with
the concerning assumption that people will grant it `SUPERUSER` rights.

.woodpecker.yml

@@ -279,8 +279,10 @@ pipeline:
 services:
   database:
     image: postgres:15.2-alpine
+    volumes:
+      # Needed to ensure Lemmy functions without SUPERUSER
+      - ./docker/init-user-db.sh:/docker-entrypoint-initdb.d/init-user-db.sh
     environment:
-      POSTGRES_USER: lemmy
-      POSTGRES_PASSWORD: password
+      POSTGRES_PASSWORD: postgres
     # when:
     #   platform: linux/amd64

docker/docker-compose.yml

@@ -126,5 +126,8 @@ services:
       - POSTGRES_PASSWORD=password
       - POSTGRES_DB=lemmy
     volumes:
+      # Needed to ensure Lemmy functions without SUPERUSER
+      - ./init-user-db.sh:/docker-entrypoint-initdb.d/init-user-db.sh
+
       - ./volumes/postgres:/var/lib/postgresql/data:Z
     restart: always

docker/init-user-db.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+psql -v ON_ERROR_STOP=1 -U "$POSTGRES_USER" -d "$POSTGRES_DB" <<-ESQL
+    CREATE USER lemmy WITH PASSWORD 'password';
+    CREATE DATABASE lemmy WITH OWNER lemmy;
+    GRANT ALL PRIVILEGES ON DATABASE lemmy TO lemmy;
+ESQL