CREATE ROLE readonly;
GRANT CONNECT ON DATABASE db_name TO readonly;
GRANT USAGE ON SCHEMA public TO readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;
CREATE USER readonly_user WITH PASSWORD 'password';
GRANT readonly TO readonly_user;