diff --git a/README.adoc b/README.adoc
index 1ea0011..25833b0 100644
--- a/README.adoc
+++ b/README.adoc
@@ -14,6 +14,7 @@ homelab.
 
 * NGINX
 * Jellyfin
+* PostgreSQL
 
 === Testing
 To run locally, specify the inventory file with `-i hosts`.
diff --git a/playbook.yml b/playbook.yml
index f2ddd81..a945adf 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -5,5 +5,7 @@
     - nginx
     - jellyfin
     - openldap
+    - postgres
   vars_files:
     - vault/certs/{{ base_domain }}.yml
+    - vault/passwords.yml
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml
new file mode 100644
index 0000000..00d9130
--- /dev/null
+++ b/roles/postgres/tasks/main.yml
@@ -0,0 +1,36 @@
+- name: install psycopg2
+  pip:
+    name: psycopg2-binary
+    state: present
+- name: ensure directories exist
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: "0755"
+  loop:
+    - "{{ data_folder }}/postgres/data"
+    - "{{ data_folder }}/postgres/init"
+- name: copy init sql files
+  template:
+    src: "{{ item }}"
+    dest: "{{ data_folder }}/postgres/init/{{ item | basename | regex_replace('.j2$', '') }}"
+  with_fileglob:
+    - "../templates/*.sql.j2"
+- name: create network
+  docker_network:
+    name: postgres
+    attachable: true
+    internal: true
+    state: present
+- name: run container
+  docker_container:
+    name: "postgres"
+    image: "postgres:13"
+    networks:
+      - name: postgres
+    volumes:
+      - "{{ data_folder }}/postgres/data:/var/lib/postgresql/data"
+      - "{{ data_folder }}/postgres/init:/docker-entrypoint-initdb.d"
+    env:
+      POSTGRES_PASSWORD: "{{ vault_postgres_password }}"
+    state: started
\ No newline at end of file
diff --git a/vault/passwords.yml b/vault/passwords.yml
new file mode 100644
index 0000000..c1df0f3
--- /dev/null
+++ b/vault/passwords.yml
@@ -0,0 +1,14 @@
+$ANSIBLE_VAULT;1.1;AES256
+32656133366339323166343734353434356561306461363033383266373733646161323166353438
+3537666138666438373366353530626339303866353162340a386539353333323835383237356566
+66636133383662333334396162323637393335336463316235386334353930616238623133613636
+6535613536633662340a386333373465613466303137643232356664363233326561653235656263
+63316130346236376235623632356364353538306439616362313837303438363736316137346237
+36623333643062626532383439663730653139633836613636343232323437643564643531336661
+34386135386437656135616536356538663731336261393636396562666337616462323330623732
+65363536383238376166393563636532353336306335613131653261333662613965633265333462
+30353564316435636330623434623832623463336231393630616266336435646434303963353665
+63616631313863303838613362343538663236656235353966306231643132633938373935646466
+63333036376136353831653236663631343761303830336461326264316563643037363935623731
+38393037396530346232656366626535363539653462393663653739653935376436333934616562
+3931