diff --git a/.idea/dataSources.xml b/.idea/dataSources.xml
index a7d2382..b925a85 100644
--- a/.idea/dataSources.xml
+++ b/.idea/dataSources.xml
@@ -65,5 +65,13 @@
         <property name="autoReconnect" value="true" />
       </driver-properties>
     </data-source>
+    <data-source source="LOCAL" name="postgres: sql.xai-corp.net (mapped)" uuid="a12eef14-05f4-4575-a408-f3b45afbb955">
+      <driver-ref>postgresql</driver-ref>
+      <synchronize>true</synchronize>
+      <remarks>forwarded connection to postgres</remarks>
+      <jdbc-driver>org.postgresql.Driver</jdbc-driver>
+      <jdbc-url>jdbc:postgresql://localhost:5432/postgres</jdbc-url>
+      <working-dir>$ProjectFileDir$</working-dir>
+    </data-source>
   </component>
 </project>
\ No newline at end of file
diff --git a/ansible-5/roles/prod.k3s/defaults/main.yml b/ansible-5/roles/prod.k3s/defaults/main.yml
index 961c06b..e4aa05f 100644
--- a/ansible-5/roles/prod.k3s/defaults/main.yml
+++ b/ansible-5/roles/prod.k3s/defaults/main.yml
@@ -59,6 +59,16 @@ apps:
       root_password: q4890qhhfgq9pfg3q4uyg33
       replication_password: 4q389hq7gf8qo47gq8374g
 
+  postgres:
+    enabled: true
+    namespace: postgres
+    pvc: data-postgres-0
+    state: present
+    secrets:
+      password: faj48290q2u58vy8qphqtqj
+      postgres_password: q4890qhhfgq9pfg3q4uyg33
+      replication_password: 4q389hq7gf8qo47gq8374g
+
   gitea:
     enabled: false
     namespace: gitea
diff --git a/ansible-5/roles/prod.k3s/files/postgres/values.yaml b/ansible-5/roles/prod.k3s/files/postgres/values.yaml
new file mode 100644
index 0000000..15a3060
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/files/postgres/values.yaml
@@ -0,0 +1,11 @@
+---
+# values for PostgreSQL
+
+image:
+  repository: bitnami/postgresql
+  tag: 15.1.0-debian-11-r12
+
+auth:
+  database: test
+  username: "test"
+  existingSecret: postgres-secrets
diff --git a/ansible-5/roles/prod.k3s/tasks/deployments/postgresql.yaml b/ansible-5/roles/prod.k3s/tasks/deployments/postgresql.yaml
new file mode 100644
index 0000000..136c693
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/tasks/deployments/postgresql.yaml
@@ -0,0 +1,65 @@
+---
+#https://github.com/bitnami/charts/tree/main/bitnami/postgresql
+
+
+
+- name: Create a namespace for postgres
+  k8s:
+    kubeconfig: "/etc/rancher/k3s/k3s.yaml"
+    name: "{{apps.postgres.namespace}}"
+    api_version: v1
+    kind: Namespace
+    state: "{{apps.postgres.state}}"
+  become: true
+
+- name: create persistent volume resources
+  kubernetes.core.k8s:
+    kubeconfig: "/etc/rancher/k3s/k3s.yaml"
+    state: "{{apps.postgres.state}}"
+    definition: "{{ lookup('template', item) | from_yaml }}"
+  loop:
+    - postgres/pv.yaml
+    - postgres/pv-claim.yaml
+  become: true
+
+- name: create secret for postgres
+  kubernetes.core.k8s:
+    kubeconfig: "/etc/rancher/k3s/k3s.yaml"
+    state: "{{apps.postgres.state}}"
+    definition:
+      apiVersion: v1
+      kind: Secret
+      type: Opaque
+      metadata:
+        name: postgres-secrets
+        namespace: "{{apps.postgres.namespace}}"
+      stringData:
+        password: "{{apps.postgres.secrets.password}}"
+        postgres-password: "{{apps.postgres.secrets.postgres_password}}"
+        replication-password: "{{apps.postgres.secrets.replication_password}}"
+  become: true
+
+- name: Install postgres globally available
+  block:
+    - name: Add postgres chart helm repo
+      local_action:
+        module: kubernetes.core.helm_repository
+        name: bitnami
+        repo_url: https://charts.bitnami.com/bitnami
+
+    - name: load variables files/postgres/values.yaml
+      ansible.builtin.include_vars:
+        file: files/postgres/values.yaml
+        name: stash_values
+
+    - name: Install postgres Release
+      local_action:
+        module: kubernetes.core.helm
+        release_state: "{{apps.postgres.state}}"
+        name: postgresql
+        namespace: "{{apps.postgres.namespace}}"
+        create_namespace: yes
+        update_repo_cache: True
+        chart_ref: bitnami/postgresql
+        values: "{{stash_values}}"
+        wait: true
diff --git a/ansible-5/roles/prod.k3s/tasks/main.yml b/ansible-5/roles/prod.k3s/tasks/main.yml
index b8da6fb..eb63c9e 100644
--- a/ansible-5/roles/prod.k3s/tasks/main.yml
+++ b/ansible-5/roles/prod.k3s/tasks/main.yml
@@ -22,6 +22,10 @@
   include_tasks: deployments/mariadb.yaml
   when: apps.mariadb.enabled
 
+- name: deploy postgresql
+  include_tasks: deployments/postgresql.yaml
+  when: apps.postgres.enabled
+
 - name: deploy gitea
   include_tasks: deployments/gitea.yaml
   when: apps.gitea.enabled
diff --git a/ansible-5/roles/prod.k3s/templates/postgres/pv-claim.yaml b/ansible-5/roles/prod.k3s/templates/postgres/pv-claim.yaml
new file mode 100644
index 0000000..0c9e610
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/templates/postgres/pv-claim.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: "{{apps.postgres.pvc}}"
+  namespace: "{{apps.postgres.namespace}}"
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi
diff --git a/ansible-5/roles/prod.k3s/templates/postgres/pv.yaml b/ansible-5/roles/prod.k3s/templates/postgres/pv.yaml
new file mode 100644
index 0000000..23cf24f
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/templates/postgres/pv.yaml
@@ -0,0 +1,17 @@
+---
+# persistent volume
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: postgres-pv-local
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 100Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/opt/data/db/postgres-15.1"
+