- Bug
- Resolution: Unresolved
- Normal
- None
- 1.5.0
- False
- False
- Release Note Not Required

The current compose.yaml file in rhdh-local has several areas for improvement that affect data persistence, service reliability, and security best practices.
1. PostgreSQL Data Loss Risk: The PostgreSQL service uses an anonymous volume, which does not persist data across container recreation.
```yaml
volumes:
  - "/var/lib/pgsql/data"
```
The risk here is that the database data may be lost when running docker compose down -v or during container updates.
2. No Service Health Monitoring: The main RHDH service lacks health checks, making it difficult to determine when the service is ready. This results in a poor troubleshooting experience, no programmatic way to verify service readiness, and potential race conditions in dependent services.
3. Debug Port Security Exposure: Debug port (9229) is currently bound to all interfaces, creating an unnecessary security risk:
```yaml
ports:
  - "7007:7007"
  - "127.0.0.1:9229:9229" # Already correctly restricted
```
View the following GDoc for the proposed solutions: https://docs.google.com/document/d/15IvlsZK5AM0eRshMoBkbPTiZMa_Oaw_eBtsNG-XfuAo/edit?usp=sharing
Acceptance Criteria
- PostgreSQL data persists across, e.g., docker compose down and docker compose up
- Health check correctly identifies when RHDH service is ready
- Debug port remains restricted to localhost
- Changes work with both docker compose and podman compose
- Documentation potentially updated to reflect new configuration options
- Backwards compatibility maintained (no breaking changes)
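
The three conditions described above can be checked mechanically against the normalized output of `docker compose config --format json`. The following is an added example, not code from rhdh-local or the linked proposal; the service names `rhdh` and `db`, the `pg_isready` health check and the sample document are constructed for illustration.

```python
import json

# Constructed sample in the shape `docker compose config --format json` emits
# (long-form ports and volumes). Service names are assumptions, not rhdh-local's.
SAMPLE = json.loads("""
{"services": {
  "rhdh": {
    "ports": [
      {"mode": "ingress", "target": 7007, "published": "7007", "protocol": "tcp"},
      {"mode": "ingress", "host_ip": "127.0.0.1", "target": 9229,
       "published": "9229", "protocol": "tcp"}
    ]
  },
  "db": {
    "healthcheck": {"test": ["CMD", "pg_isready"]},
    "volumes": [{"type": "volume", "target": "/var/lib/pgsql/data", "volume": {}}]
  }
}}
""")

LOOPBACK = {"127.0.0.1", "::1"}


def audit(config, local_only_ports=(9229,)):
    """Return sorted (service, finding) tuples for the three issues in this ticket."""
    findings = []
    for name, svc in config.get("services", {}).items():
        for vol in svc.get("volumes", []):
            # A volume-type mount with no source is anonymous: nothing names it,
            # so a recreated container gets a fresh, empty volume.
            if vol.get("type") == "volume" and not vol.get("source"):
                findings.append((name, f"anonymous volume at {vol.get('target')}"))
        hc = svc.get("healthcheck")
        if not hc or hc.get("disable") or hc.get("test") == ["NONE"]:
            findings.append((name, "no healthcheck"))
        for port in svc.get("ports", []):
            # A published port without host_ip listens on every host interface.
            if port.get("target") in local_only_ports and port.get("host_ip") not in LOOPBACK:
                findings.append((name, f"port {port['target']} published on all interfaces"))
    return sorted(findings)


if __name__ == "__main__":
    for service, finding in audit(SAMPLE):
        print(f"{service}: {finding}")
```

To run it against a real project, pipe the JSON output of `docker compose config --format json` into `json.load` and pass the result to `audit`.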