diff --git a/.env.sample b/.env.sample index 47ad531..ee08f6c 100644 --- a/.env.sample +++ b/.env.sample @@ -8,11 +8,15 @@ DOMAIN=hedgedoc.example.com #EXTRA_DOMAINS=', `www.hedgedoc.example.com`' LETS_ENCRYPT_ENV=production -SECRET_DB_PASSWORD_VERSION=v1 SECRET_SESSION_SECRET_VERSION=v1 COMPOSE_FILE="compose.yml" +# PostgreSQL + +#COMPOSE_FILE="$COMPOSE_FILE:compose.postgresql.yml" +#SECRET_DB_PASSWORD_VERSION=v1 + # OAuth, see https://docs.hedgedoc.org/guides/auth/keycloak/ #COMPOSE_FILE="$COMPOSE_FILE:compose.oauth.yml" diff --git a/abra.sh b/abra.sh index d5adac0..a26aebe 100644 --- a/abra.sh +++ b/abra.sh @@ -1,2 +1,2 @@ -export ENTRYPOINT_CONF_VERSION=v9 +export ENTRYPOINT_CONF_VERSION=v10 export PG_BACKUP_VERSION=v1 diff --git a/compose.postgresql.yml b/compose.postgresql.yml new file mode 100644 index 0000000..6fc8ee5 --- /dev/null +++ b/compose.postgresql.yml 
@@ -0,0 +1,55 @@ +version: "3.8" +services: + app: + environment: + - CMD_DB_URL= + - CMD_DB_NAME=codimd + - CMD_DB_USER=codimd + - CMD_DB_HOST=db + - CMD_DB_PASSWORD_FILE=/run/secrets/db_password + depends_on: + - db + networks: + - internal + secrets: + - db_password + db: + image: postgres:16.4-alpine + environment: + - POSTGRES_USER=codimd + - POSTGRES_PASSWORD_FILE=/run/secrets/db_password + - POSTGRES_DB=codimd + volumes: + - "postgres:/var/lib/postgresql/data" + secrets: + - db_password + networks: + - internal + deploy: + labels: + backupbot.backup: "${ENABLE_BACKUPS:-true}" + backupbot.backup.pre-hook: "/pg_backup.sh backup" + backupbot.backup.volumes.postgres.path: "backup.sql" + backupbot.restore.post-hook: '/pg_backup.sh restore' + healthcheck: + test: "pg_isready" + interval: 30s + timeout: 10s + retries: 5 + start_period: 1m + configs: + - source: pg_backup + target: /pg_backup.sh + mode: 0555 +volumes: + postgres: +secrets: + db_password: + external: true + name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} +networks: + internal: +configs: + pg_backup: + name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} + file: pg_backup.sh diff --git a/compose.yml b/compose.yml index 06743ab..f8ed245 100644 --- a/compose.yml +++ b/compose.yml @@ -8,10 +8,7 @@ services: - CMD_DOMAIN=$DOMAIN - CMD_PROTOCOL_USESSL=true - CMD_HSTS_ENABLE=false - - CMD_DB_NAME=codimd - - CMD_DB_USER=codimd - - CMD_DB_HOST=db - - CMD_DB_PASSWORD_FILE=/run/secrets/db_password + - CMD_DB_URL=sqlite:/database/db.sqlite3 - CMD_ALLOW_ANONYMOUS - CMD_ALLOW_ANONYMOUS_EDITS - CMD_ALLOW_EMAIL_REGISTER @@ -29,15 +26,12 @@ services: - CMD_SESSION_LIFE - CMD_SESSION_SECRET_FILE=/run/secrets/session_secret - DOCUMENT_MAX_LENGTH - depends_on: - - db networks: - proxy - - internal volumes: - codimd_uploads:/hedgedoc/public/uploads + - codimd_database:/database secrets: - - db_password - session_secret entrypoint: /docker-entrypoint.sh configs: 
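Review bot: In compose.postgresql.yml the empty `- CMD_DB_URL=` entry under `app.environment` is load-bearing but undocumented. It overrides the SQLite URL set in compose.yml, and it only works because entrypoint.sh.tmpl expands `${CMD_DB_URL:-…}`, which treats an empty value the same as an unset one. I would add a comment above it such as `# intentionally empty: clears the SQLite URL from compose.yml so the entrypoint builds the postgres:// URL`. Without that, a later cleanup that drops the apparently useless variable would silently point a PostgreSQL deployment at the SQLite default.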
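Review bot: In the first compose.yml hunk, `- CMD_DB_URL=sqlite:/database/db.sqlite3` changes the default backend for every existing deployment, and nothing visible in the diff records that as a breaking change. An operator who upgrades without adding `compose.postgresql.yml` to `COMPOSE_FILE` (the new lines in .env.sample are commented out) would get an app running on an empty SQLite file while the existing notes stay in the postgres volume, which is no longer referenced. I would add a comment above the line such as `# default backend is SQLite; existing PostgreSQL installs must add compose.postgresql.yml to COMPOSE_FILE before upgrading`, and repeat it in the release notes. The `coop-cloud.${STACK_NAME}.version` label appears only as unchanged context in a later hunk, so it is worth checking whether the recipe version should be bumped to signal this. The `services.app` block starts and ends outside the hunk.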
@@ -61,55 +55,23 @@ services: - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}" - "coop-cloud.${STACK_NAME}.version=1.2.2+1.10.1" + - "backupbot.backup=${ENABLE_BACKUPS:-true}" healthcheck: test: "nodejs -e \"http.get('http://localhost:3000', (res) => { console.log('status: ', res.statusCode); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } });\"" interval: 30s timeout: 10s retries: 10 start_period: 1m - db: - image: postgres:16.4-alpine - environment: - - POSTGRES_USER=codimd - - POSTGRES_PASSWORD_FILE=/run/secrets/db_password - - POSTGRES_DB=codimd - volumes: - - "postgres:/var/lib/postgresql/data" - secrets: - - db_password - networks: - - internal - deploy: - labels: - backupbot.backup: "${ENABLE_BACKUPS:-true}" - backupbot.backup.pre-hook: "/pg_backup.sh backup" - backupbot.backup.volumes.postgres.path: "backup.sql" - backupbot.restore.post-hook: '/pg_backup.sh restore' - healthcheck: - test: "pg_isready" - interval: 30s - timeout: 10s - retries: 5 - start_period: 1m - configs: - - source: pg_backup - target: /pg_backup.sh - mode: 0555 - volumes: - postgres: codimd_uploads: + codimd_database: secrets: - db_password: - external: true - name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} session_secret: external: true name: ${STACK_NAME}_session_secret_${SECRET_SESSION_SECRET_VERSION} networks: proxy: external: true - internal: configs: config_json: name: ${STACK_NAME}_config_${ENTRYPOINT_CONF_VERSION} @@ -119,6 +81,3 @@ configs: name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION} file: entrypoint.sh.tmpl template_driver: golang - pg_backup: - name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} - file: pg_backup.sh diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl index c586369..960b23a 100644 --- a/entrypoint.sh.tmpl +++ b/entrypoint.sh.tmpl 
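Review bot: The new `- "backupbot.backup=${ENABLE_BACKUPS:-true}"` label on the app service has no pre-hook, so the SQLite file in `codimd_database` is presumably copied while HedgeDoc may still be writing to it. A file-level copy of a live SQLite database can be inconsistent, particularly when a journal or WAL file sits next to it, and the problem only surfaces at restore time. The PostgreSQL service avoids this by dumping through `backupbot.backup.pre-hook` and pointing `backupbot.backup.volumes.postgres.path` at the dump. The SQLite default should get an equivalent pre-hook that writes a consistent snapshot and a path label that selects it. Whether the app image ships an SQLite client for such a hook is not visible here and needs checking.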
@@ -34,11 +34,13 @@ main() { mkdir -p "/hedgedoc/.npm" && \ chown -R 10000:65534 "/hedgedoc/.npm" && \ chmod "u+rwx" "/hedgedoc/.npm" + + chown -R 10000:65534 /database } main -export CMD_DB_URL=postgres://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CMD_DB_NAME +export CMD_DB_URL="${CMD_DB_URL:-postgres://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CMD_DB_NAME}" # 3wc: `source /docker-entrypoint.sh -e` to load CMD_DB_URL for CLI scripts if [ ! "${1-}" == "-e" ]; then
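Review bot: The rewritten `export CMD_DB_URL=…` line still interpolates `$CMD_DB_PASSWORD` into the `postgres://user:password@host` fallback without percent-encoding. A secret containing `@`, `:`, `/`, `?` or `#` therefore yields a URL that fails to parse, or parses with the wrong host or credentials. Since the line is being touched anyway, I would either percent-encode the password before building the URL or state the constraint next to it, e.g. `# db_password is embedded unencoded in CMD_DB_URL; it must contain only URL-safe characters`. The exported URL also puts the password into the process environment, which the `CMD_DB_PASSWORD_FILE` secret was presumably meant to avoid, so that deserves a comment as well. `main()` starts before the hunk and the trailing `if` continues past it.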