diff --git a/group_vars/postgresql.yml b/group_vars/postgresql.yml
index de325e3..33adddb 100644
--- a/group_vars/postgresql.yml
+++ b/group_vars/postgresql.yml
@@ -60,3 +60,15 @@ wal_g_pg_config:
   AWS_ENDPOINT: https://s3.backups.pyrocufflink.blue
   PGHOST: /run/postgresql
   WALG_STATSD_ADDRESS: localhost:9125
+
+postgresql_users:
+- name: ara
+- name: authelia
+- name: firefly
+- name: homeassistant
+
+postgresql_dbs:
+- name: ara
+- name: authelia
+- name: firefly
+- name: homeassistant
diff --git a/postgresql.yml b/postgresql.yml
index c55b042..c0f2e1e 100644
--- a/postgresql.yml
+++ b/postgresql.yml
@@ -14,3 +14,5 @@
   - postgresql-server
   - role: postgres-exporter
     tags: postgres-exporter
+  - role: postgresql-data
+    tags: postgresql-data
diff --git a/roles/postgresql-data/defaults/main.yml b/roles/postgresql-data/defaults/main.yml
new file mode 100644
index 0000000..8a7f24d
--- /dev/null
+++ b/roles/postgresql-data/defaults/main.yml
@@ -0,0 +1,2 @@
+postgresql_users: []
+postgresql_dbs: []
diff --git a/roles/postgresql-data/tasks/main.yml b/roles/postgresql-data/tasks/main.yml
new file mode 100644
index 0000000..9b3711a
--- /dev/null
+++ b/roles/postgresql-data/tasks/main.yml
@@ -0,0 +1,23 @@
+- name: ensure postgresql users exist
+  become: true
+  become_user: postgres
+  postgresql_user:
+    name: '{{ item.name }}'
+    password: '{{ item.password|d(omit) }}'
+    state: present
+  loop: '{{ postgresql_users }}'
+  tags:
+  - postgresql-user
+
+- name: ensure postgresql databases exist
+  become: true
+  become_user: postgres
+  postgresql_db:
+    name: '{{ item.name }}'
+    owner: '{{ item.owner|d(item.name) }}'
+    encoding: '{{ item.encoding|d(omit) }}'
+    lc_collate: '{{ item.lc_collate|d(omit) }}'
+    lc_ctype: '{{ item.lc_ctype|d(omit) }}'
+  loop: '{{ postgresql_dbs }}'
+  tags:
+  - postgresql-db