diff --git a/features/postgres.nix b/features/postgres.nix
new file mode 100644
index 0000000..3bc8061
--- /dev/null
+++ b/features/postgres.nix
@@ -0,0 +1,22 @@
+{ pkgs, ... }:
+{
+  # PostgreSQL itself
+  services.postgresql = {
+    enable = true;
+    package = pkgs.postgresql_12; # HACK: for work
+    # enableTCPIP = false;
+    # https://nixos.wiki/wiki/PostgreSQL
+    authentication = pkgs.lib.mkOverride 10
+      ''
+        # Unix domain socket
+        local all all trust
+        # TCP/IP connections from loopback only
+        host all all ::1/128 trust
+      '';
+    initialScript = pkgs.writeText "backend-initScript" ''
+      CREATE ROLE nixcloud WITH LOGIN PASSWORD 'nixcloud' CREATEDB;
+      CREATE DATABASE nixcloud;
+      GRANT ALL PRIVILEGES ON DATABASE nixcloud TO nixcloud;
+    '';
+  };
+}
diff --git a/flake.nix b/flake.nix
index 73053e3..4fac282 100644
--- a/flake.nix
+++ b/flake.nix
@@ -69,6 +69,7 @@
             ./features/ema/emanote.nix
             ./features/lxd.nix
             ./features/docker.nix
+            ./features/postgres.nix
           ];
         thin = mkComputer
           ./hosts/thin.nix