diff --git a/ansible/roles/schulcloud-calendar-core/templates/configmap.yml.j2 b/ansible/roles/schulcloud-calendar-core/templates/configmap.yml.j2
index 5f0fc88..1033ba9 100644
--- a/ansible/roles/schulcloud-calendar-core/templates/configmap.yml.j2
+++ b/ansible/roles/schulcloud-calendar-core/templates/configmap.yml.j2
@@ -16,3 +16,7 @@ data:
 {% if CAL_IS_MIGRATION is defined %}
   IS_MIGRATION: "{{ CAL_IS_MIGRATION }}"
 {% endif %}
+{% if WITH_BRANCH_POSTGRES_DB_MANAGEMENT is defined and WITH_BRANCH_POSTGRES_DB_MANAGEMENT|bool %}
+  DB_HOST: {{ POSTGRES_HOST }}
+  DB_SSL: true
+{% endif %}
\ No newline at end of file
diff --git a/ansible/roles/schulcloud-calendar-core/templates/deployment.yml.j2 b/ansible/roles/schulcloud-calendar-core/templates/deployment.yml.j2
index 551e356..bf7401f 100644
--- a/ansible/roles/schulcloud-calendar-core/templates/deployment.yml.j2
+++ b/ansible/roles/schulcloud-calendar-core/templates/deployment.yml.j2
@@ -43,10 +43,21 @@ spec:
         ports:
         - containerPort: 3000
         envFrom:
+        - secretRef:
+            name: calendar-secret
         - configMapRef:
             name: calendar-configmap
+{% if WITH_BRANCH_POSTGRES_DB_MANAGEMENT is defined and WITH_BRANCH_POSTGRES_DB_MANAGEMENT|bool %}
         - secretRef:
-            name: calendar-secret
+            name: pg-calendar-secret
+        env:
+        - name: DB_PASSWORD
+          value: "${DB_USER_PASSWORD}"
+        - name: DB_USERNAME
+          value: "${DB_USER}"
+        - name: DB_DATABASE
+          value: "${DB_NAME}"
+{% endif %}
         livenessProbe:
           failureThreshold: 3
           httpGet:
diff --git a/ansible/roles/schulcloud-calendar-init/templates/job_init_db.yml.j2 b/ansible/roles/schulcloud-calendar-init/templates/job_init_db.yml.j2
index 11be6e0..a0c61f0 100644
--- a/ansible/roles/schulcloud-calendar-init/templates/job_init_db.yml.j2
+++ b/ansible/roles/schulcloud-calendar-init/templates/job_init_db.yml.j2
@@ -11,10 +11,21 @@ spec:
       - name: calendar-db-init
         image: schulcloud/infra-tools:latest
         envFrom:
+        - secretRef:
+            name: calendar-secret
         - configMapRef:
             name: calendar-configmap
+{% if WITH_BRANCH_POSTGRES_DB_MANAGEMENT is defined and WITH_BRANCH_POSTGRES_DB_MANAGEMENT|bool %}
         - secretRef:
-            name: calendar-secret
+            name: pg-calendar-secret
+        env:
+        - name: DB_PASSWORD
+          value: "${DB_USER_PASSWORD}"
+        - name: DB_USERNAME
+          value: "${DB_USER}"
+        - name: DB_DATABASE
+          value: "${DB_NAME}"
+{% endif %}
         volumeMounts:
         - name: script
           mountPath: /update.sh