psql access

docker-compose.yml

@@ -4,11 +4,6 @@ services:
     image: claude-code:local
     container_name: claude-code
 
-    # Pass your Anthropic API key in from the host environment,
-    # or drop it into a .env file alongside this compose file.
-    # environment:
-    #  - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY:?Set ANTHROPIC_API_KEY in your environment or .env file}
-
     volumes:
       # Fixed home volume — persists Claude Code install, config, and credentials
       # across container restarts and image rebuilds.
@@ -18,13 +13,21 @@ services:
       #   PROJECT_DIR=/path/to/myproject docker compose run --rm claude-code
       - ${PROJECT_DIR:-./code}:/code
 
-    # Drop all Linux capabilities and disable privilege escalation —
-    # Claude Code doesn't need any of them.
+    # Drop all Linux capabilities except NET_BIND_SERVICE, which socat needs
+    # to proxy port 5432 on 127.0.0.1 inside the container.
     cap_drop:
       - ALL
+    cap_add:
+      - NET_BIND_SERVICE
     security_opt:
       - no-new-privileges:true
 
+    # Allow the container to reach the host's network (e.g. a local postgres).
+    # On Linux, host.docker.internal isn't automatic — this creates it.
+    # On Mac/Windows Docker Desktop it's already available but this is harmless.
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+
     # Interactive terminal so `claude` works properly
     stdin_open: true
     tty: true