diff --git a/README.md b/README.md
index 0f24297..4fa945f 100644
--- a/README.md
+++ b/README.md
@@ -71,6 +71,17 @@ gitea:
       rsa: -1 # Disable RSA
 ```
 
+Für die Definition des Datenbankpassworts werden zusätzlich noch die Variablen `db_secret` und `db_root_secret` aus dem Vault benötigt. Hier ein Beispiel-Vault, um die Struktur klar zu machen:
+
+```yaml
+vault:
+  example-gitea:
+    ansible_become_pass: bgnafeuginae
+    gitea:
+      db_secret: riasneudfgisn
+      db_root_secret: uiqfageksfhgfhgsk
+```
+
 ### Nachbereitung
 
 - Initiales Setup von Gitea via Web Gui durchführen.
diff --git a/templates/docker-compose.yaml.j2 b/templates/docker-compose.yaml.j2
index 6a86d76..baea879 100644
--- a/templates/docker-compose.yaml.j2
+++ b/templates/docker-compose.yaml.j2
@@ -6,8 +6,12 @@
 
 version: "3.8"
 
+networks:
+  gitea:
+    external: false
+
 services:
-  server:
+  gitea:
     image: gitea/gitea:{{ gitea_vars['version'] }}-rootless
     restart: always
     volumes:
@@ -18,5 +22,29 @@ services:
     ports:
       - "127.0.0.1:3000:3000"
       - "22:2222"
+    user: "{{ git_user.uid }}:{{ git_user.group }}"
     env_file: ./environment.env
-    user: "{{ git_user.uid }}:{{ git_user.group }}"
\ No newline at end of file
+    environment:
+      - GITEA__database__DB_TYPE=mysql
+      - GITEA__database__HOST=db:3306
+      - GITEA__database__NAME=gitea
+      - GITEA__database__USER=gitea
+      - "GITEA__database__PASSWD={{ vault[inventory_hostname]['gitea']['db_secret'] }}"
+    networks:
+      - gitea
+    depends_on:
+      - db
+
+  db:
+    image: mysql:8
+    restart: always
+    environment:
+      - MYSQL_DATABASE=gitea
+      - MYSQL_USER=gitea
+      - "MYSQL_PASSWORD={{ vault[inventory_hostname]['gitea']['db_secret'] }}"
+      - "MYSQL_ROOT_PASSWORD={{ vault[inventory_hostname]['gitea']['db_root_secret'] }}"
+    networks:
+      - gitea
+    volumes:
+      - ./mysql:/var/lib/mysql
+