[harden] add password for postgres db
context
- an attacker on the box can easily get this password (which is why we don't have it currently)
- however, if we assume an attack trying to use the postgres container itself as a point of entry, this provides useful defense in depth