diff --git a/postgres/defaults/main.yml b/postgres/defaults/main.yml
index 97bb8882e1d7e5d7a4d52db030338fdffdcc4af0..1f70df5df2a9ee6163768a95c4350a4e71bfe20a 100644
--- a/postgres/defaults/main.yml
+++ b/postgres/defaults/main.yml
@@ -2,3 +2,11 @@
 
 postgres_pgdg_repo: false
 postgres_rsnapshot: false
+postgres_commvault_compat: false
+
+postgres_versions_debian:
+  buster: "11"
+  bullseye: "13"
+  bookworm: "14"
+
+postgres_version: "{{ postgres_versions_debian[ansible_distribution_release] }}"
diff --git a/postgres/handlers/main.yml b/postgres/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..6b6cbd77c83086091eaa2e15b57a3db5aeb833a1
--- /dev/null
+++ b/postgres/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Restart Postgres
+  systemd:
+    name: postgresql.service
+    state: restarted
diff --git a/postgres/tasks/main.yml b/postgres/tasks/main.yml
index 868ea8465ba86b4467d0c68cd28560de9596862f..16ad7921f8d2bcbcd763c332eaa8b9ebebbe8f87 100644
--- a/postgres/tasks/main.yml
+++ b/postgres/tasks/main.yml
@@ -17,8 +17,7 @@
 - name: ensure postgres packages are installed
   apt:
     name:
-      # yamllint disable-line rule:line-length
-      - postgresql{{ "-{}".format(postgres_version) if postgres_version is defined }}
+      - postgresql-{{ postgres_version }}
       - python3-psycopg2
       - libpq-dev
     state: present
@@ -41,6 +40,7 @@
   block:
     - name: ensure we have our postgres backup script
       copy:
+        # yamllint disable-line rule:line-length
         src: "pgbackup{{ '-bullseye' if ansible_distribution_major_version|int(default=99) > 10 else '' }}.sh"
         dest: /usr/local/bin/pgbackup.sh
         owner: root
@@ -59,3 +59,49 @@
       file:
         path: /etc/cron.d/postgres-snapshot
         state: absent
+
+- name: Configure Commvault backup compatibility
+  when: postgres_commvault_compat
+  block:
+    - name: Create WAL backup directory
+      file:
+        path: /var/backups/pg_wal
+        state: directory
+        owner: postgres
+        group: postgres
+        mode: '0750'
+
+    - name: Configure Postgres WAL archive
+      lineinfile:
+        path: /etc/postgresql/{{ postgres_version }}/main/postgresql.conf
+        regexp: "{{ item.regexp }}"
+        line: "{{ item.line }}"
+      loop:
+        - regexp: ^archive_mode\s*=
+          line: archive_mode = on
+        - regexp: ^archive_command\s*=
+          line: archive_command = 'cp %p /var/backups/pg_wal/%f'
+      notify:
+        - Restart Postgres
+
+    - name: Configure Postgres ident mappings
+      lineinfile:
+        path: /etc/postgresql/{{ postgres_version }}/main/pg_ident.conf
+        regexp: "{{ item.regexp }}"
+        line: "{{ item.line }}"
+      loop:
+        - regexp: ^postgres\s+postgres\s+postgres$
+          line: "postgres\tpostgres\t\tpostgres"
+        - regexp: ^postgres\s+root\s+postgres$
+          line: "postgres\troot\t\t\tpostgres"
+      notify:
+        - Restart Postgres
+
+    - name: Configure Postgres to use ident mapping for postgres role
+      lineinfile:
+        path: /etc/postgresql/{{ postgres_version }}/main/pg_hba.conf
+        regexp: ^local\s+all\s+postgres\s+peer
+        # yamllint disable-line rule:line-length
+        line: "local   all             postgres                                peer map=postgres"
+      notify:
+        - Restart Postgres