Complete Docker Compose setup for local development and testing of the SQL-to-ARC middleware.
PostgreSQL 15 database server with:
- Default credentials:
postgres/postgres - Port:
5432 - Persistent volume:
postgres_data - Health check enabled
One-time initialization container that:
- Waits for PostgreSQL to be healthy
- Drops and recreates
edaphobasedatabase - Downloads and imports the Edaphobase dump from https://repo.edaphobase.org/rep/dumps/FAIRagro.sql
- Exits after completion
The SQL-to-ARC converter that:
- Builds from
../docker/Dockerfile.sql_to_arc - Waits for db-init to complete
- Connects to PostgreSQL and Middleware API
- Mounts encrypted secrets via sops
- Currently set to
sleep 3600(modify compose.dev.yaml to enable converter)
A simple mock service that simulates the Middleware API for local testing.
- No mTLS required (uses HTTP)
- Logs all incoming ARC uploads
- Available via
http://localhost:8000
If you don't have the mTLS keys yet and just want to see the workflow in action with a local database and a mock API:
./start-demo.sh --buildThis starts:
- postgres: A local DB.
- db-init: Fills the DB with sample data.
- middleware-api: A local mock API.
- sql-to-arc: The converter, pointing to the local mock.
- Docker and Docker Compose
- sops for secret management
- Age or PGP key configured for sops decryption
./start-dev.shThis will:
- Start PostgreSQL
- Initialize the database with Edaphobase data
- Run the SQL-to-ARC converter
With image rebuild:
./start-dev.sh --buildIf you want to run sql_to_arc against an external API server (e.g. production or staging) that requires client certificates:
- Copy your client certificate and key to
dev_environment/client.crtanddev_environment/client.key. - Edit
dev_environment/config-external.yamland set theapi_urlto the external endpoint. - Run the external start script:
./start-external.shThis starts only postgres, db-init, and sql_to_arc.
docker compose logs -f
docker compose logs -f postgres
docker compose logs -f sql_to_arcdocker compose downdocker compose down -vSet via .env file or shell environment:
POSTGRES_USER- Database user (default:postgres)POSTGRES_PASSWORD- Database password (default:postgres)
The client.key file should be encrypted with sops:
# Encrypt (first time)
sops -e -i client.key
# Edit encrypted file
sops client.key
# Decrypt to view
sops -d client.keyThe start-dev.sh script uses sops exec-file to temporarily decrypt client.key during container startup.
Application configuration for sql_to_arc:
db_host: Set topostgres(Docker service name)api_client.client_cert_path:/run/secrets/client.crtapi_client.client_key_path:/run/secrets/client.key
postgres (healthcheck)
↓
db-init (waits for healthy postgres)
↓
sql_to_arc (waits for db-init completion)
Check db-init logs:
docker compose logs db-initCommon issues:
- Network timeout downloading dump → retry with
docker compose up db-init - PostgreSQL not ready → check postgres healthcheck
Check logs:
docker compose logs sql_to_arcCommon issues:
- Secrets not mounted → verify sops decryption works:
sops -d client.key - API unreachable → check
api_urlin config.dev.yaml - Database connection → verify db-init completed successfully
docker compose build sql_to_arc
docker compose up sql_to_arcIf you don't want to use sops or the start script:
# Start postgres and db-init only
docker compose up -d postgres db-init
# Wait for initialization
docker compose logs -f db-init
# Run sql_to_arc manually (after decrypting secrets)
sops exec-file client.key \
'docker compose run --rm sql_to_arc'- Make changes to sql_to_arc code
- Rebuild image:
./start-dev.sh --build - View logs:
docker compose logs -f sql_to_arc - Iterate
compose.dev.yaml- Docker Compose service definitionsconfig.dev.yaml- Application configurationclient.crt- Client certificate (plain)client.key- Client private key (encrypted with sops)start-dev.sh- Startup script with sops integrationrun.sh- DEPRECATED - Old script (kept for reference)