diff --git a/infra/deploy-playbook.yaml b/infra/deploy-playbook.yaml
index 6e5e0d6..1a9fb97 100644
--- a/infra/deploy-playbook.yaml
+++ b/infra/deploy-playbook.yaml
@@ -50,37 +50,6 @@
     - name: Reset ssh connection to allow the user/group change to take effect
       ansible.builtin.meta: reset_connection
 
-    - name: Build container image locally
-      community.docker.docker_image:
-        name: gamearray
-        source: build
-        state: present
-        build:
-          path: /mnt/d/cosmovault/latticework/oreilly/percival/python-tdd
-          platform: linux/amd64
-        force_source: true
-      delegate_to: 127.0.0.1
-
-    - name: Export container image locally
-      community.docker.docker_image:
-        name: gamearray
-        archive_path: /tmp/gamearray-img.tar
-        source: local
-      delegate_to: 127.0.0.1
-
-    - name: Upload image to server
-      ansible.builtin.copy:
-        src: /tmp/gamearray-img.tar
-        dest: /tmp/gamearray-img.tar
-
-    - name: Import container image on server
-      community.docker.docker_image:
-        name: gamearray
-        load_path: /tmp/gamearray-img.tar
-        source: load
-        force_source: true
-        state: present
-
     - name: Ensure .secret-key files exists
       # the intention is that this only happens once per server
       ansible.builtin.copy:
@@ -120,27 +89,47 @@
         cmd: docker login gitea.earthmanrpg.me -u discoman -p {{ gitea_registry_token }}
       no_log: true
 
-    - name: Ensure db.sqlite3 file exists outside container
-      ansible.builtin.file:
-        path: "{{ ansible_env.HOME }}/db.sqlite3"
-        state: touch
-        owner: 1234 # so nonroot user can access it in container
-      become: true # needed for ownership change
+    - name: Create Docker network
+      community.docker.docker_network:
+        name: gamearray_net
+        state: present
+
+    - name: Create Postgres data volume
+      community.docker.docker_volume:
+        name: gamearray_postgres_data
+        state: present
+
+    - name: Start Postgres container
+      community.docker.docker_container:
+        name: gamearray_postgres
+        image: postgres:16
+        state: started
+        restart_policy: unless-stopped
+        networks:
+          - name: gamearray_net
+        volumes:
+          - gamearray_postgres_data:/var/lib/postgresql/data
+        env:
+          POSTGRES_DB: gamearray
+          POSTGRES_USER: gamearray
+          POSTGRES_PASSWORD: "{{ postgres_password }}"
 
     - name: Run container
       community.docker.docker_container:
         name: gamearray
-        image: gamearray
+        image: gitea.earthmanrpg.me/discoman/gamearray:latest
         state: started
         recreate: true
         env:
           DJANGO_DEBUG_FALSE: "1"
           DJANGO_SECRET_KEY: "{{ secret_key.content | b64decode }}"
           DJANGO_ALLOWED_HOST: "{{ django_allowed_host }}"
-          DJANGO_DB_PATH: "/home/nonroot/db.sqlite3"
+          DATABASE_URL: "postgresql://gamearray:{{ postgres_password }}@gamearray_postgres/gamearray"
           EMAIL_HOST_USER: "{{ email_host_user }}"
           EMAIL_HOST_PASSWORD: "{{ email_host_password }}"
           MAILGUN_API_KEY: "{{  mailgun_api_key }}"
+        networks:
+          - name: gamearray_net
         ports:
           127.0.0.1:8888:8888
 
@@ -160,7 +149,7 @@
     - name: Run migration inside container
       community.docker.docker_container_exec:
         container: gamearray
-        command: ./manage.py migrate
+        command: python manage.py migrate
 
   handlers:
     - name: Restart nginx
diff --git a/infra/deploy.sh.j2 b/infra/deploy.sh.j2
index 3c22fa3..5f12f85 100644
--- a/infra/deploy.sh.j2
+++ b/infra/deploy.sh.j2
@@ -13,6 +13,7 @@ docker rm gamearray 2>/dev/null || true
 echo "==> Starting new container..."
 docker run -d --name gamearray \
     --env-file /opt/gamearray/gamearray.env \
+    --network gamearray_net \
     -p 127.0.0.1:8888:8888 \
     "$IMAGE"
 
diff --git a/infra/gamearray.env.j2 b/infra/gamearray.env.j2
index 797a589..d8257af 100644
--- a/infra/gamearray.env.j2
+++ b/infra/gamearray.env.j2
@@ -1,7 +1,7 @@
 DJANGO_DEBUG_FALSE=1
 DJANGO_SECRET_KEY={{ secret_key.content | b64decode }}
 DJANGO_ALLOWED_HOST={{ django_allowed_host }}
-DJANGO_DB_PATH=/home/nonroot/db.sqlite3
+DATABASE_URL=postgresql://gamearray:{{ postgres_password }}@gamearray_postgres/gamearray
 EMAIL_HOST_USER={{ email_host_user }}
 EMAIL_HOST_PASSWORD={{ email_host_password }}
-MAILGUN_API_KEY={{ mailgun_api_key }}
\ No newline at end of file
+MAILGUN_API_KEY={{ mailgun_api_key }}
diff --git a/infra/group_vars/staging/vault.yaml b/infra/group_vars/staging/vault.yaml
index 37bf418..b02574d 100644
--- a/infra/group_vars/staging/vault.yaml
+++ b/infra/group_vars/staging/vault.yaml
@@ -1,28 +1,32 @@
 $ANSIBLE_VAULT;1.1;AES256
-36653566363731653435616430626663303038623766663561363231333163336165623863613964
-6164383861643530366438623465613565373032396331350a666163636431636663353162383531
-34306534656430653533303530613764336438616536343534663236333665323837636337333334
-3432643436636265610a313465396435616263386631353336326464333930613865313934313032
-38353362623937643234333466323063336535623666613366633263623034616638653566666463
-66323032653034376663623933306162313832643038653764643864666433376236643163663637
-63626334393963343934666665373764393066383866616461333063633664363436613031663036
-61343939343633393138666637646137376537393335663032383839306365613764303833323338
-33343936333730373362393466373238636666343762373134633962383237623335373634656330
-37363039393261313034306166656563333461353034646234323462623631393338383461363961
-33356564633637333630663464613265666264393435363238383530333861636365616362316130
-38353464343064616463636535316339336430323866303161393065363830356431386430666534
-61353961666333313536616661636631643630373337633262653662393863336264636431366634
-32323533383963393435343935616135663262633634356631363632396233383839326365396333
-64333232626465643438313132323661386235313063303036303631376537353666313532323766
-63633834336631633364333334373461333836666630353363343365323033653234356536643939
-30316538663230653636316532393931333936613733336366326239633362353666636436636136
-64656134663733376630316536616138613234383838316138616433353531396363316462626133
-62383431396465333634623066333565643332613935653532613536646632346533383362393330
-38646562393762346434663666313431363037636463306435663263386336343461303839346365
-63326432643662353830383736613636643866363765366132653563363036316265646531623433
-30303131323165653564333331353233373731333539346163613564343331373931633365633631
-66396332653436376430626564316639623362383635633134343234626462333162336464656438
-65393062333631373836303662326436333265373033353339356334633666363065636164343239
-64623535663633653130643764656539643339633061646437643366376261383137613439323934
-37343338336130313339356531333038613334393736353365366662313262653737623533616366
-346430623266646464353639386266313339
+30613631623932656263306132643162643365633835396562363635653233316634366639623664
+3431323239343430383264353064373437333538323461640a363263633563613633396661383034
+65383332386539666363343266336364323331323861363439373466653535626163356632356461
+3532386430316433610a366631373534303830656639323232376532666134623436366438333263
+35653130376232613731346565613462353433653932316232633936616361373061613339616437
+36356565333965353135613534343737626139643635333931383432653139313730376332333630
+37366334343065623136386462663830643233613638373361393637653931323865633232376332
+36316466646330303363333430626533396563623535373861353038623736326265643139333262
+64393935386565373531616431376435633663313165323132373935306636613331623931623566
+34646538346230663332633137643164626434383765613661323461643764663832333534303031
+30383365323561666538636266613435613236303033363064323466323037396364656534383032
+65633830323366346234666334363231393433306561346263356232366233333531323562383037
+63313931663339656533373533323566616361366332636364616335613336343165636433333137
+34343863653832653534366262343732653433653938333264376436616233626233383337383466
+31386633626133646538363063623062353361616564336261623364643736623136666634346466
+65666134316232316232373965386135623663396536633632373162343161636464613866306637
+38666339393564363862353135366639633530366461653664306162616261323834636131613131
+33633735386462336363646665656566616261663333326130383064303461356465396436656462
+64353835323232396365663130653834643337323036643333313563656630623662356537366235
+36646635646435333335343935646436623430353263393761613962353832326361373563346131
+34623537613861316562666634323438656663626238373230663565633138613539306537313866
+63613034666339393362663232353139313132623362306335373861623239353464306265326532
+62623334373263303135383537376562613933633661626233626433313433356365343735366539
+32333135646664363231333738366232646337316661623230323534366338656264376335353235
+34613533613631393064656239323530316438376232343933356464666637396666356464366139
+66316134633164653865326336623736383032666130653930306364313237663365323464383166
+35323634643032363265623338666165376365353135323732373932643564316261353662336166
+35333134373636313238333935626434663165636530306234396437336436323465386538336463
+66643036396161346330633436393532323962313762383134633164623139373362333138663236
+61353165663433383436666266366132633937316236306566346261633063393366343936323331
+643966366566643663373235386133326130