diff --git a/deployments/home-server/linkwarden.yaml b/deployments/home-server/linkwarden.yaml
index 6b9ff25..95492f2 100644
--- a/deployments/home-server/linkwarden.yaml
+++ b/deployments/home-server/linkwarden.yaml
@@ -1,34 +1,6 @@
 ---
 apiVersion: v1
 kind: PersistentVolume
-metadata:
-  name: linkwarden-pgdata-pv
-spec:
-  capacity:
-    storage: 5Gi
-  accessModes:
-    - ReadWriteOnce
-  persistentVolumeReclaimPolicy: Retain
-  storageClassName: local-path
-  hostPath:
-    path: /dpool/services/linkwarden/database
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: linkwarden-pgdata-pvc
-  namespace: home-server
-spec:
-  accessModes:
-    - ReadWriteOnce
-  storageClassName: local-path
-  resources:
-    requests:
-      storage: 5Gi
-  volumeName: linkwarden-pgdata-pv
----
-apiVersion: v1
-kind: PersistentVolume
 metadata:
   name: linkwarden-pv
 spec:
@@ -39,7 +11,7 @@ spec:
   persistentVolumeReclaimPolicy: Retain
   storageClassName: local-path
   hostPath:
-    path: /dpool/services/linkwarden/app
+    path: /dpool/services/linkwarden
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
@@ -55,43 +27,18 @@ spec:
       storage: 5Gi
   volumeName: linkwarden-pv
 ---
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: v1
+kind: Service
 metadata:
-  name: linkwarden-postgres
+  name: linkwarden
   namespace: home-server
 spec:
-  replicas: 1
   selector:
-    matchLabels:
-      app: linkwarden-postgres
-  template:
-    metadata:
-      labels:
-        app: linkwarden-postgres
-    spec:
-      containers:
-        - name: postgres
-          image: postgres:15
-          env:
-            - name: POSTGRES_DB
-              value: linkwarden
-            - name: POSTGRES_USER
-              value: linkwardenuser
-            - name: POSTGRES_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: linkwarden-postgres-secret
-                  key: postgres-password
-          ports:
-            - containerPort: 5432
-          volumeMounts:
-            - name: pgdata
-              mountPath: /var/lib/postgresql/data
-      volumes:
-        - name: pgdata
-          persistentVolumeClaim:
-            claimName: linkwarden-pgdata-pvc
+    app: linkwarden
+  ports:
+    - port: 3000
+      targetPort: 3000
+      protocol: TCP
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -133,9 +80,9 @@ spec:
             - name: NODE_ENV
               value: "production"
             - name: TZ
-              value: "Australia/Brisbane"
+              value: "Australia/Sydney"
             - name: DATABASE_URL
-              value: "postgresql://linkwardenuser:$(POSTGRES_PASSWORD)@linkwarden-postgres.home-server.svc.cluster.local:5432/linkwarden"
+              value: "file:/data/data.db"
           volumeMounts:
             - name: linkwarden-data
               mountPath: /data
@@ -144,26 +91,29 @@ spec:
           persistentVolumeClaim:
             claimName: linkwarden-pvc
 ---
-apiVersion: v1
-kind: Service
+apiVersion: networking.k8s.io/v1
+kind: Ingress
 metadata:
   name: linkwarden
   namespace: home-server
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: links.hxme.net
+    nginx.ingress.kubernetes.io/server-snippet: |
+      add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
 spec:
-  selector:
-    app: linkwarden
-  ports:
-    - port: 3000
-      targetPort: 3000
-      protocol: TCP
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: linkwarden-postgres
-  namespace: home-server
-spec:
-  ports:
-    - port: 5432
-  selector:
-    app: linkwarden-postgres
+  tls:
+    - hosts:
+        - links.hxme.net
+      secretName: wildcard-hxme-net
+  rules:
+    - host: links.hxme.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: linkwarden
+                port:
+                  number: 3000
+
diff --git a/deployments/operators/kustomization.yaml b/deployments/operators/kustomization.yaml
index 9a0fb27..3fc92d1 100644
--- a/deployments/operators/kustomization.yaml
+++ b/deployments/operators/kustomization.yaml
@@ -4,6 +4,7 @@ kind: Kustomization
 
 resources:
   - mariadb.yaml
+  - postgres.yaml
   - replicator.yaml
   - namespace.yaml
   - redis.yaml
diff --git a/deployments/operators/postgres.yaml b/deployments/operators/postgres.yaml
new file mode 100644
index 0000000..e12a3c6
--- /dev/null
+++ b/deployments/operators/postgres.yaml
@@ -0,0 +1,57 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: postgres-operator-system
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: crunchydata-postgres-operator
+  namespace: flux-system
+spec:
+  interval: 1h
+  url: oci://registry.developers.crunchydata.com/crunchydata/pgo
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: postgres-operator-crds
+  namespace: postgres-operator-system
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: pgo-crds
+      version: 5.3.0
+      sourceRef:
+        kind: HelmRepository
+        name: crunchydata-postgres-operator
+        namespace: flux-system
+  install:
+    createNamespace: true
+  upgrade:
+    disableWait: true
+  timeout: 5m
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: postgres-operator
+  namespace: postgres-operator-system
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: postgres-operator
+      version: 5.3.0
+      sourceRef:
+        kind: HelmRepository
+        name: crunchydata-postgres-operator
+        namespace: flux-system
+  install:
+    createNamespace: true
+  dependsOn:
+    - name: postgres-operator-crds
+      namespace: postgres-operator-system
+