diff --git a/site-cookbooks/kosmos-ejabberd/recipes/default.rb b/site-cookbooks/kosmos-ejabberd/recipes/default.rb index c43f2f0..6e60685 100644 --- a/site-cookbooks/kosmos-ejabberd/recipes/default.rb +++ b/site-cookbooks/kosmos-ejabberd/recipes/default.rb @@ -28,11 +28,6 @@ include_recipe "kosmos-postgresql" ejabberd_credentials = data_bag_item("credentials", "ejabberd") -cookbook_file "#{Chef::Config[:file_cache_path]}/pg.sql" do - source "pg.sql" - mode "0664" -end - ejabberd_version = node["kosmos-ejabberd"]["version"] package_checksum = node["kosmos-ejabberd"]["checksum"] package_path = "#{Chef::Config['file_cache_path']}/ejabberd_#{ejabberd_version}-0_amd64.deb" @@ -52,11 +47,6 @@ end postgresql_data_bag_item = data_bag_item('credentials', 'postgresql') -postgresql_user 'ejabberd' do - action :create - password postgresql_data_bag_item['ejabberd_user_password'] -end - hosts = [ { name: "kosmos.org", @@ -111,21 +101,14 @@ ldap_base = "cn=users,dc=kosmos,dc=org" admin_users = ejabberd_credentials['admins'] +postgresql_primary_node = postgresql_primary +postgresql_server = postgresql_primary_node[:ipaddress] +# PostgreSQL is on the same server, connect through localhost +postgresql_server = "localhost" if postgresql_primary_node[:hostname] == node[:hostname] + hosts.each do |host| ldap_rootdn = "uid=xmpp,ou=#{host[:name]},cn=applications,dc=kosmos,dc=org" - postgresql_database host[:sql_database] do - owner 'ejabberd' - action :create - notifies :run, "execute[create db schema #{host[:sql_database]}]", :delayed - end - - execute "create db schema #{host[:sql_database]}" do - user "ejabberd" - command "psql #{host[:sql_database]} < #{Chef::Config[:file_cache_path]}/pg.sql" - action :nothing - end - template "/opt/ejabberd/conf/#{host[:name]}.yml" do source "vhost.yml.erb" mode 0640 
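Review bot: In the third hunk of default.rb, `postgresql_primary_node[:ipaddress]` is read with no check that `postgresql_primary` returned a node. The helper is not visible here, so this is inferred, but if it can return nil the run would stop with a NoMethodError instead of a clear message; a guard such as `raise "no PostgreSQL primary node found" unless postgresql_primary_node` before the lookup would make that explicit. The server address also comes from `[:ipaddress]`, while the pg_hba rules added in pg_db.rb are built with `ip_for(...)`. If the two resolve to different interfaces, ejabberd may reach the database over a network the access rules were not written for, so using the same helper on both sides would be safer. The `hosts.each` block continues past the end of the hunk.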
@@ -133,6 +116,7 @@ hosts.each do |host|
 group 'ejabberd'
 sensitive true
 variables pgsql_password: postgresql_data_bag_item['ejabberd_user_password'],
+ sql_server: postgresql_server,
 host: host,
 ldap_base: ldap_base,
 ldap_server: ldap_domain,
diff --git a/site-cookbooks/kosmos-ejabberd/recipes/pg_db.rb b/site-cookbooks/kosmos-ejabberd/recipes/pg_db.rb
new file mode 100644
index 0000000..326ffda
--- /dev/null
+++ b/site-cookbooks/kosmos-ejabberd/recipes/pg_db.rb
@@ -0,0 +1,76 @@
+#
+# Cookbook:: kosmos-ejabberd
+# Recipe:: pg_db
+#
+# The MIT License (MIT)
+#
+# Copyright:: 2020, Kosmos Developers
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#
+
+postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
+
+postgresql_service = "service[#{postgresql_service_name}]"
+
+service postgresql_service do
+ supports restart: true, status: true, reload: true
+end
+
+postgresql_user 'ejabberd' do
+ action :create
+ password postgresql_data_bag_item['ejabberd_user_password']
+end
+
+databases = ["ejabberd", "ejabberd_5apps"]
+
+ejabberd_servers = search(:node, "role:ejabberd AND chef_environment:#{node.chef_environment}")
+
+databases.each do |database|
+ postgresql_database database do
+ owner 'ejabberd'
+ action :create
+ notifies :run, "execute[create db schema #{database}]", :delayed
+ end
+
+ cookbook_file "#{Chef::Config[:file_cache_path]}/pg.sql" do
+ source "pg.sql"
+ mode "0664"
+ end
+
+ execute "create db schema #{database}" do
+ user "postgres"
+ command "psql #{database} < #{Chef::Config[:file_cache_path]}/pg.sql"
+ action :nothing
+ end
+
+ ejabberd_servers.each do |ejabberd_server|
+ ip = ip_for(ejabberd_server)
+ hostname = ejabberd_server[:hostname]
+
+ postgresql_access "ejabberd #{hostname}" do
+ access_type "host"
+ access_db "ejabberd"
+ access_user "ejabberd"
+ access_addr "#{ip}/32"
+ access_method "md5"
+ notifies :reload, postgresql_service, :delayed
+ end
+ end
+end
diff --git a/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb b/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb
index 32c064d..eb6c943 100644
--- a/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb
+++ b/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb
@@ -7,7 +7,7 @@ certfiles:
 host_config:
 "<%= @host[:name] %>":
 sql_type: pgsql
- sql_server: "localhost"
+ sql_server: "<%= @sql_server %>"
 sql_database: "<%= @host[:sql_database] %>"
 sql_username: "ejabberd"
 sql_password: "<%= @pgsql_password %>"
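Review bot: In pg_db.rb the `postgresql_access` resource sits inside `databases.each` but hard-codes `access_db "ejabberd"` and a name without the database, so both iterations declare the same rule and `ejabberd_5apps` gets no pg_hba entry for the remote ejabberd nodes. Declaring it as `postgresql_access "#{database} #{hostname}" do` with `access_db database` would cover both databases. Because these rules open PostgreSQL to other hosts, `access_type "host"` with `access_method "md5"` still permits unencrypted connections. `hostssl` with `scram-sha-256` is the stronger pg_hba combination, provided the server has TLS enabled and stores SCRAM verifiers, and the `sql_server` change in vhost.yml.erb would then need ejabberd's `sql_ssl: true` on the client side. The schema is also now loaded as `postgres` instead of `ejabberd`, so unless pg.sql reassigns ownership the tables presumably belong to the superuser; confirm the `ejabberd` role can still use them.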