diff --git a/src/main/resources/taiga/ingress/certificate.yaml b/src/main/resources/taiga/ingress/certificate.yaml
new file mode 100644
index 0000000..6cb4008
--- /dev/null
+++ b/src/main/resources/taiga/ingress/certificate.yaml
@@ -0,0 +1,18 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: c4k-common-cert
+  labels:
+    app.kubernetes.part-of: c4k-common-app
+  namespace: default
+spec:
+  secretName: c4k-common-cert
+  commonName: FQDN
+  duration: 2160h # 90d
+  renewBefore: 720h # 30d
+  dnsNames:
+  - FQDN
+  issuerRef:
+    name: staging
+    kind: ClusterIssuer
+    
\ No newline at end of file
diff --git a/src/main/resources/taiga/ingress/host-rule.yaml b/src/main/resources/taiga/ingress/host-rule.yaml
new file mode 100644
index 0000000..73d0e9f
--- /dev/null
+++ b/src/main/resources/taiga/ingress/host-rule.yaml
@@ -0,0 +1,10 @@
+host: FQDN
+http:
+  paths:
+    - pathType: Prefix
+      path: "/"
+      backend:
+        service:
+          name: SERVICE_NAME
+          port:
+            number: SERVICE_PORT
diff --git a/src/main/resources/taiga/ingress/ingress.yaml b/src/main/resources/taiga/ingress/ingress.yaml
new file mode 100644
index 0000000..c958fca
--- /dev/null
+++ b/src/main/resources/taiga/ingress/ingress.yaml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: c4k-common-https-ingress
+  namespace: default
+  labels:
+    app.kubernetes.part-of: c4k-common-app
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
+    traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
+    metallb.universe.tf/address-pool: public
+spec:
+  tls:
+    - hosts:
+        - FQDN
+      secretName: c4k-common-cert
+  rules:
+    - host: FQDN
+      http:
+        paths:
+          - pathType: Prefix
+            path: "/"
+            backend:
+              service:
+                name: SERVICE_NAME
+                port:
+                  number: 80
diff --git a/src/main/resources/taiga/postgres/config-8gb.yaml b/src/main/resources/taiga/postgres/config-8gb.yaml
new file mode 100644
index 0000000..07e3c06
--- /dev/null
+++ b/src/main/resources/taiga/postgres/config-8gb.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: postgres-config
+  labels:
+    app: postgres
+data:
+  postgres-db: postgres
+  postgresql.conf: |
+    max_connections = 700
+    work_mem = 3MB
+    shared_buffers = 2048MB
diff --git a/src/main/resources/taiga/postgres/deployment.yaml b/src/main/resources/taiga/postgres/deployment.yaml
new file mode 100644
index 0000000..5b4bb4d
--- /dev/null
+++ b/src/main/resources/taiga/postgres/deployment.yaml
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: postgresql
+spec:
+  selector:
+    matchLabels:
+      app: postgresql
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: postgresql
+    spec:
+      containers:
+        - image: postgres
+          name: postgresql
+          env:
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-secret
+                  key: postgres-user
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-secret
+                  key: postgres-password
+            - name: POSTGRES_DB
+              valueFrom:
+                configMapKeyRef:
+                  name: postgres-config
+                  key: postgres-db
+          ports:
+            - containerPort: 5432
+              name: postgresql
+          volumeMounts:
+            - name: postgres-config-volume
+              mountPath: /etc/postgresql/postgresql.conf
+              subPath: postgresql.conf
+              readOnly: true
+            - name: postgre-data-volume
+              mountPath: /var/lib/postgresql/data
+      volumes:
+        - name: postgres-config-volume
+          configMap:
+            name: postgres-config
+        - name: postgre-data-volume
+          persistentVolumeClaim:
+            claimName: postgres-claim
diff --git a/src/main/resources/taiga/postgres/persistent-volume.yaml b/src/main/resources/taiga/postgres/persistent-volume.yaml
new file mode 100644
index 0000000..acc9b9d
--- /dev/null
+++ b/src/main/resources/taiga/postgres/persistent-volume.yaml
@@ -0,0 +1,14 @@
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: postgres-pv-volume
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  capacity:
+    storage: 10Gi
+  hostPath:
+    path: "/var/postgres"
\ No newline at end of file
diff --git a/src/main/resources/taiga/postgres/pvc.yaml b/src/main/resources/taiga/postgres/pvc.yaml
new file mode 100644
index 0000000..7d94bd1
--- /dev/null
+++ b/src/main/resources/taiga/postgres/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: postgres-claim
+  labels:
+    app: postgres
+spec:
+  storageClassName: REPLACEME
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: REPLACEME
\ No newline at end of file
diff --git a/src/main/resources/taiga/postgres/secret.yaml b/src/main/resources/taiga/postgres/secret.yaml
new file mode 100644
index 0000000..ebf2b69
--- /dev/null
+++ b/src/main/resources/taiga/postgres/secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: postgres-secret
+type: Opaque
+data:
+  postgres-user: "psql-user"
+  postgres-password: "psql-pw"
diff --git a/src/main/resources/taiga/postgres/service.yaml b/src/main/resources/taiga/postgres/service.yaml
new file mode 100644
index 0000000..d67fea1
--- /dev/null
+++ b/src/main/resources/taiga/postgres/service.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgresql-service
+spec:
+  selector:
+    app: postgresql
+  ports:
+    - port: 5432