From d7d91cd05947754abf9d94e72b4b826c7031166a Mon Sep 17 00:00:00 2001
From: jessikitty <jess.rogerson.29@outlook.com>
Date: Thu, 4 Jun 2026 12:54:46 +1000
Subject: [PATCH] fix: add sysctls to db service to resolve unprivileged LXC
 sysctl permission error

---
 docker-compose.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index 709b628..d10116c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,6 +2,10 @@ services:
   db:
     image: postgres:16-alpine
     restart: unless-stopped
+    # Disable sysctl tuning — required for unprivileged LXC environments
+    command: postgres -c ipc_lock=off
+    sysctls:
+      net.ipv4.ip_unprivileged_port_start: 0
     volumes:
       - postgres_data:/var/lib/postgresql/data
     environment: