
[BUG] "PostgreSQL query failed: host resolves to a blocked IP address" #4319

@xBounceIT


Describe the bug
I'm trying to connect an AI agent to a local Postgres DB but keep getting stuck on this error.

To Reproduce
Create a block for PostgreSQL and use a local container name in the same docker network

Expected behavior
Connection OK

Screenshots

Image

Additional context
Docker stack I'm using via Swarm:

services:
  # Main application service: listens on container port 3000 and is the only
  # service besides `realtime` that publishes a port.
  # NOTE(review): the report says this file is deployed with Swarm.
  # `docker stack deploy` ignores `restart` and `depends_on`, so start-up order
  # and restart behaviour come from `deploy.*` and the healthchecks only.
  simstudio:
    image: ghcr.io/simstudioai/simstudio:${VERSION}
    restart: unless-stopped
    ports:
      # Short syntax publishes in ingress mode: host port 3010 is opened on
      # every swarm node, not only the node running the task. Restrict it at
      # the host firewall or a reverse proxy if the UI must not be reachable
      # from all segments.
      - '3010:3000'
    deploy:
      resources:
        limits:
          memory: 8G
      placement:
        constraints:
          - node.labels.env != db
          - node.labels.env != dmz
    environment:
      - NODE_ENV=production
      # Falls back to postgres/postgres when the variables are unset, i.e. a
      # well-known default credential. Set POSTGRES_USER and POSTGRES_PASSWORD
      # explicitly in any shared environment.
      - DATABASE_URL=postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-simstudio}
      # Both URLs default to plain http, so login and session traffic is
      # cleartext unless TLS is terminated in front of this service.
      # BETTER_AUTH_URL is driven by NEXT_PUBLIC_APP_URL here, while `realtime`
      # reads a separate BETTER_AUTH_URL variable; the two can diverge if only
      # one of the variables is set.
      - BETTER_AUTH_URL=${NEXT_PUBLIC_APP_URL:-http://10.10.144.81:3010}
      - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://10.10.144.81:3010}
      # These secrets have no default: an unset variable interpolates to an
      # empty string. They are also visible to anyone who can inspect the
      # service definition.
      # NOTE(review): confirm the application refuses to start with empty values.
      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET}
      - ENCRYPTION_KEY=${ENCRYPTION_KEY}
      # Explicit empty default (`:-`), unlike the secrets above.
      - API_ENCRYPTION_KEY=${API_ENCRYPTION_KEY:-}
      - INTERNAL_API_SECRET=${INTERNAL_API_SECRET}
      # No credentials in the URL; the `redis` service in this file sets none.
      - REDIS_URL=redis://redis:6379/0
#      - COPILOT_API_KEY=${COPILOT_API_KEY}
#      - SIM_AGENT_API_URL=${SIM_AGENT_API_URL}
      - SOCKET_SERVER_URL=${SOCKET_SERVER_URL:-http://realtime:3002}
      - NEXT_PUBLIC_SOCKET_URL=${NEXT_PUBLIC_SOCKET_URL:-http://10.10.144.81:3002}
      - ADMISSION_GATE_MAX_INFLIGHT=${ADMISSION_GATE_MAX_INFLIGHT:-500}
    depends_on:
      - db
      - migrations
      - realtime
    healthcheck:
      # Probes the app over loopback inside the container.
      # NOTE(review): assumes curl is present in the image - confirm.
      test: ['CMD', 'curl', '-fsS', 'http://127.0.0.1:3000']
      interval: 90s
      timeout: 5s
      retries: 3
      start_period: 10s
    networks:
      - ssoc-soar-v2
      
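  # Socket service on container port 3002; shares the database and auth
  # settings with `simstudio`.
  # Change from the original: the placement constraints are indented like every
  # other sequence in this file (values unchanged).
  # NOTE(review): under `docker stack deploy`, `restart` and `depends_on` are
  # ignored.
  realtime:
    image: ghcr.io/simstudioai/realtime:${VERSION}
    restart: unless-stopped
    ports:
      # Ingress-mode publish: host port 3002 is opened on every swarm node.
      - '3002:3002'
    deploy:
      resources:
        limits:
          memory: 1G
      placement:
        constraints:
          - node.labels.env != db
          - node.labels.env != dmz
    environment:
      - NODE_ENV=production
      # Falls back to postgres/postgres when the variables are unset; set them
      # explicitly so the stack never runs on the default credential.
      - DATABASE_URL=postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-simstudio}
      # Plain-http defaults: traffic is cleartext unless TLS terminates in front.
      - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://10.10.144.81:3010}
      # Reads BETTER_AUTH_URL, whereas `simstudio` derives the same setting
      # from NEXT_PUBLIC_APP_URL; keep both variables aligned.
      - BETTER_AUTH_URL=${BETTER_AUTH_URL:-http://10.10.144.81:3010}
      # No defaults: an unset variable interpolates to an empty string.
      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET}
      - INTERNAL_API_SECRET=${INTERNAL_API_SECRET}
      - REDIS_URL=redis://redis:6379/0
    depends_on:
      - db
    healthcheck:
      # Loopback probe of the /health endpoint inside the container.
      test: ['CMD', 'curl', '-fsS', 'http://127.0.0.1:3002/health']
      interval: 90s
      timeout: 5s
      retries: 3
      start_period: 10s
    networks:
      - ssoc-soar-v2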
      
  # One-shot job: runs `bun run db:migrate` from /app/packages/db against the
  # `db` service and is never restarted (restart_policy condition: none).
  # NOTE(review): `depends_on` is ignored by `docker stack deploy`, so nothing
  # here waits for Postgres to accept connections before the job runs.
  migrations:
    image: ghcr.io/simstudioai/migrations:${VERSION}
    working_dir: /app/packages/db
    command:
      - 'bun'
      - 'run'
      - 'db:migrate'
    environment:
      # Same connection string as the application services, including the
      # postgres/postgres fallback when the variables are unset.
      - DATABASE_URL=postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-simstudio}
    depends_on:
      - db
    networks:
      - ssoc-soar-v2
    deploy:
      restart_policy:
        condition: none
      placement:
        constraints:
          - 'node.labels.env != db'
          - 'node.labels.env != dmz'
      
  # Application database (pgvector build of PostgreSQL 17). No port is
  # published, so it is reachable only from services on `ssoc-soar-v2`.
  # NOTE(review): the placement excludes nodes labelled env=db, while
  # `postgres-alerts` requires them - confirm this is intended.
  db:
    image: pgvector/pgvector:pg17
    restart: unless-stopped
    deploy:
      placement:
        constraints:
          - node.labels.env != db
          - node.labels.env != dmz
    environment:
      # Superuser name and password fall back to postgres/postgres when unset.
      # Any container on the overlay network can then log in with a well-known
      # credential; set both variables explicitly.
      - POSTGRES_USER=${POSTGRES_USER:-postgres}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-postgres}
      - POSTGRES_DB=${POSTGRES_DB:-simstudio}
      # Require SCRAM-SHA-256 for host connections instead of md5/trust. The
      # image applies init settings only when the data directory is empty, so
      # changing them later does not touch an existing cluster.
      - POSTGRES_HOST_AUTH_METHOD=scram-sha-256
      - POSTGRES_INITDB_ARGS=--auth-host=scram-sha-256
    volumes:
      # Data directory on an NFS share.
      # NOTE(review): confirm the export is limited to the swarm nodes, since
      # it holds the full database contents.
      - /mnt/nfs_share/ssoc/sim/postgres_data:/var/lib/postgresql/data
    healthcheck:
      # The user is hard-coded to `postgres` even though POSTGRES_USER is
      # configurable above.
      test: ['CMD-SHELL', 'pg_isready -U postgres']
      interval: 30s
      timeout: 60s
      retries: 5
    networks:
      - ssoc-soar-v2
      
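  # Second PostgreSQL instance (database `alerts`), pinned to nodes labelled
  # env=db. No port is published; it is reachable only over `ssoc-soar-v2`.
  # Change from the original: the `environment` list is indented like the other
  # sequences in this file (values unchanged).
  # NOTE(review): presumably this is the "local postgres DB" from the report -
  # confirm. On the overlay network its name resolves to a private address; the
  # reported error text suggests the application filters outbound targets by
  # resolved IP (an SSRF-style guard), which would reject such an address.
  postgres-alerts:
    hostname: soar-db-alerts
    image: postgres:18
    deploy:
      mode: replicated
      replicas: 1
      restart_policy:
        condition: on-failure
        delay: 15s
        max_attempts: 3
      placement:
        constraints:
          - node.labels.env == db
    environment:
      - POSTGRES_DB=alerts
      # NOTE(review): the NON_ROOT pair is presumably meant for an init script;
      # none is mounted in this service, so confirm the `n8n` role is actually
      # created. Otherwise clients end up using the `root` superuser.
      - POSTGRES_NON_ROOT_USER=n8n
      - POSTGRES_NON_ROOT_PASSWORD=REDACTED
      # Passwords are literals in the stack file (redacted in the report).
      # Docker secrets with POSTGRES_PASSWORD_FILE keep them out of the service
      # definition and out of `docker service inspect` output.
      - POSTGRES_PASSWORD=REDACTED
      # Superuser is named `root`; give agents and integrations a
      # least-privilege role instead of this account.
      - POSTGRES_USER=root
      - TZ=Europe/Rome
    volumes:
      - /mnt/iscsi-n8n-dbalerts:/var/lib/postgresql/
    healthcheck:
      test: ['CMD-SHELL', 'pg_isready -h localhost -U root -d alerts']
      interval: 15s
      timeout: 5s
      retries: 10
    networks:
      - ssoc-soar-v2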

  # Redis 7 (alpine) with data persisted to an NFS path. No port is published
  # and no password or ACL is configured in this file, so any container
  # attached to `ssoc-soar-v2` can issue commands to it.
  redis:
    image: redis:7-alpine
    hostname: soar-redis
    networks:
      - ssoc-soar-v2
    volumes:
      - /mnt/nfs_share/ssoc/n8n/redis_storage:/data
    healthcheck:
      # Unauthenticated PING; this probe would need credentials if Redis
      # authentication is enabled later.
      test:
        - 'CMD'
        - 'redis-cli'
        - 'ping'
      interval: 5s
      timeout: 5s
      retries: 10
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints:
          - 'node.labels.env != db'
          - 'node.labels.env != dmz'
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3

  # Qdrant vector store, pinned to nodes labelled env=db. It is the only
  # service attached to the external `waf` network as well as the stack network.
  # NOTE(review): no API key is set in this file (Qdrant reads one from
  # QDRANT__SERVICE__API_KEY), so confirm that whatever sits on `waf` is allowed
  # unauthenticated access to the collections.
  qdrant:
    hostname: qdrant
    image: qdrant/qdrant:${QDRANT_VERSION}
    networks:
      - ssoc-soar-v2
      - waf
    volumes:
      # `:z` asks for a shared SELinux relabel of the host path.
      - '/mnt/iscsi-qdrant:/qdrant/storage:z'
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints:
          - 'node.labels.env == db'
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3

networks:
  # Stack-owned network shared by every service. No driver options are set, so
  # on a Swarm overlay, traffic between nodes (Postgres, Redis) is not encrypted
  # by the network layer unless encryption is enabled on the network.
  ssoc-soar-v2:
    name: 'ssoc-soar-v2'
    external: false
  # Pre-existing network not managed by this stack; only `qdrant` joins it.
  # Anything else attached to it can reach that service.
  waf:
    name: 'waf-cld_waf'
    external: true
