diff --git a/configurations/host/waffentrager/services/auth.nix b/configurations/host/waffentrager/services/auth.nix
new file mode 100644
index 0000000..234b3fe
--- /dev/null
+++ b/configurations/host/waffentrager/services/auth.nix
@@ -0,0 +1,27 @@
+{ materusArg, config, lib, pkgs, ... }:
+{
+  options.waffentragerService.auth.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable auth";
+
+  config =
+    let
+      cfg = config.auth.postgresql;
+    in
+    lib.mkIf cfg.enable {
+      waffentragerService.elements.enable = true;
+      waffentragerService.nginx.enable = true;
+
+      services.postgresql.enable = true;
+      services.postgresql.package = pkgs."postgresql_${cfg.version}";
+      services.postgresql.dataDir = "${config.waffentragerService.elements.postgresqlDir}/${cfg.version}";
+      services.postgresql.enableJIT = true;
+      services.postgresql.authentication = pkgs.lib.mkOverride 10 ''
+        local all all trust
+        host all all 127.0.0.1/32 scram-sha-256
+      '';
+      systemd.services.postgresql = {
+        partOf = [ "elements-mount.service" ];
+        requires = [ "elements-mount.service" ];
+        after = [ "elements-mount.service" ];
+      };
+    };
+}
\ No newline at end of file
diff --git a/configurations/host/waffentrager/services/default.nix b/configurations/host/waffentrager/services/default.nix
index 5e6ddaf..cd7372e 100644
--- a/configurations/host/waffentrager/services/default.nix
+++ b/configurations/host/waffentrager/services/default.nix
@@ -8,6 +8,7 @@
       ./gitea.nix
       ./nginx.nix
       ./nextcloud.nix
+      ./auth.nix
     ];
   waffentragerService.elements.enable = true;
   waffentragerService.postgresql.enable = true;
@@ -15,4 +16,5 @@
   waffentragerService.gitea.enable = true;
   waffentragerService.nginx.enable = true;
   waffentragerService.nextcloud.enable = true;
+  waffentragerService.auth.enable = true;
 }
\ No newline at end of file