diff --git a/kubernetes/apps/security/infisical/app/helmrelease.yaml b/kubernetes/apps/security/infisical/app/helmrelease.yaml
index 715922a..86907e5 100644
--- a/kubernetes/apps/security/infisical/app/helmrelease.yaml
+++ b/kubernetes/apps/security/infisical/app/helmrelease.yaml
@@ -35,6 +35,10 @@ spec:
       name: infisical-secret
       valuesKey: authSecret
       targetPath: backendEnvironmentVariables.JWT_AUTH_SECRET
+    - kind: Secret
+      name: infisical-db-pguser-infisical
+      valuesKey: uri
+      targetPath: backendEnvironmentVariables.DB_CONNECTION_URI
   values:
     fullnameOverride: *name
     backend:
@@ -46,9 +50,17 @@ spec:
       SITE_URL: https://infisical.laurivan.com
     mongodb:
       enabled: true
+      image:
+        registry: docker.io
+        repository: bitnami/mongodb
+        tag: "6.0"
       auth:
         enabled: false
     redis:
       enabled: true
+      image:
+        registry: docker.io
+        repository: bitnami/redis
+        tag: "7.0"
       auth:
         enabled: false
diff --git a/kubernetes/apps/security/infisical/app/kustomization.yaml b/kubernetes/apps/security/infisical/app/kustomization.yaml
index 27dd215..3648a37 100644
--- a/kubernetes/apps/security/infisical/app/kustomization.yaml
+++ b/kubernetes/apps/security/infisical/app/kustomization.yaml
@@ -7,3 +7,4 @@ resources:
   - ./helmrepository.yaml
   - ./httproute.yaml
   - ./secret.sops.yaml
+  - ./postgres-cluster.yaml
diff --git a/kubernetes/apps/security/infisical/app/postgres-cluster.yaml b/kubernetes/apps/security/infisical/app/postgres-cluster.yaml
new file mode 100644
index 0000000..da8b2b6
--- /dev/null
+++ b/kubernetes/apps/security/infisical/app/postgres-cluster.yaml
@@ -0,0 +1,32 @@
+apiVersion: postgres-operator.crunchydata.com/v1beta1
+kind: PostgresCluster
+metadata:
+  name: infisical-db
+  namespace: security
+spec:
+  image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:centos8-15.0-0
+  postgresVersion: 15
+  instances:
+    - name: instance1
+      dataVolumeClaimSpec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: 5Gi
+  backups:
+    pgbackrest:
+      image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:centos8-2.41-0
+      repos:
+        - name: repo1
+          volume:
+            volumeClaimSpec:
+              accessModes:
+                - "ReadWriteOnce"
+              resources:
+                requests:
+                  storage: 5Gi
+  users:
+    - name: infisical
+      databases:
+        - infisical