diff --git a/README.md b/README.md
index b71cb25..3575d1a 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,4 @@
 # keycloak
-
-Keycloak insatll script
\ No newline at end of file
+This repo contains:
+ - Keycloak cluster script
+ - Postgres hot standby replication script
diff --git a/keycloak.sh b/keycloak.sh
new file mode 100644
index 0000000..82a8d42
--- /dev/null
+++ b/keycloak.sh
@@ -0,0 +1,67 @@
+#! /bin/bash
+
+RAND_PASS=`pwgen -s1 16`
+
+read -p "Keycloak version: " -ei '24.0.4' KEYCLOAK_VERSION
+read -p "Server hostname: " -ei 'keycloak.exmample.com' KEYCLOAK_HOST
+read -p "Postgres hostname: " -ei 'localhost' POSTGRES_HOST
+read -p "Postgres username: " -ei 'keycloak' POSTGRES_USER
+read -p "Postgres password: " -ei "$RAND_PASS" POSTGRES_PASS
+read -p "Postgres database: " -ei 'keycloak' POSTGRES_DB
+
+echo $PASSWORD_PASS > /usr/local/src/keycloak_db_pass
+
+if [ ! -f "keycloak-$KEYCLOAK_VERSION.tar.gz" ]; then
+wget https://github.com/keycloak/keycloak/releases/download/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz
+wget https://github.com/keycloak/keycloak/releases/download/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz.sha1
+fi
+
+SHA_HASH=`sha1sum keycloak-$KEYCLOAK_VERSION.tar.gz | cut -d" " -f1`
+KEYCLOAK_HASH=`cat keycloak-$KEYCLOAK_VERSION.tar.gz.sha1`
+
+if [ "$SHA_HASH" != "$KEYCLOAK_HASH" ]; then
+  echo "Exit. Hash doesnt match."
+else
+  sudo -u postgres psql -h $POSTGRES_HOST -c "CREATE DATABASE $POSTGRES_DB"
+  sudo -u postgres psql -h $POSTGRES_HOST -c "CREATE USER $POSTGRES_USER WITH PASSWORD $POSTGRES_PASS"
+  sudo -u postgres psql -h $POSTGRES_HOST -c "GRANT ALL PRIVILEGES ON DATABASE $POSTGRES_DB TO $POSTGRES_USER"
+  tar xpf keycloak-$KEYCLOAK_VERSION.tar.gz
+  mv keycloak-$KEYCLOAK_VERSION /opt/keycloak
+  echo "
+# Basic settings for running in production. Change accordingly before deploying the server.
+
+# Database
+
+# The database vendor.
+db=postgres
+
+# The username of the database user.
+db-username=$POSTGRES_USER
+
+# The password of the database user.
+db-password=$POSTGRES_PASS
+
+# The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.
+db-url=jdbc:postgresql://$POSTGRES_HOST/$POSTGRES_DB
+
+# Observability
+
+# If the server should expose healthcheck endpoints.
+health-enabled=true
+
+# If the server should expose metrics endpoints.
+metrics-enabled=true
+
+# HTTP
+# The proxy address forwarding mode if the server is behind a reverse proxy.
+proxy=edge
+proxy-headers=xforwarded
+
+# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy
+#spi-sticky-session-encoder-infinispan-should-attach-route=false
+
+# Hostname for the Keycloak server.
+hostname=$KEYCLOAK_HOST
+hostname-strict=false" > /opt/keycloak/conf/keyclaok.conf
+fi
+
diff --git a/postgres_replication/postgres-master.sh b/postgres_replication/postgres-master.sh
new file mode 100644
index 0000000..b3c964c
--- /dev/null
+++ b/postgres_replication/postgres-master.sh
@@ -0,0 +1,26 @@
+#! /bin/bash
+if [ "$(whoami)" != "root" ]; then
+  SUDO=sudo
+fi
+${SUDO} apt install -y postgresql pwgen
+
+RAND_PASS=`pwgen -s1 16`
+POSTGRES_VERSION=`${SUDO} apt show postgresql | grep Version | cut -d" " -f2 | cut -d"+" -f1`
+
+read -p "Postgres replica ip: " -ei '' REPLICA_IP
+read -p "Postgres replica user: " -ei 'replica_user' REPLICA_USER
+read -p "Postgres replica password: " -ei "$RAND_PASS" REPLICA_PASS
+${SUDO} echo $REPLICA_PASS > /usr/local/src/postgres_replica_password
+${SUDO} echo "Password is stored in /usr/local/src/postgres_replica_password"
+
+sudo -u postgres pg_conftool set listen_addresses 0.0.0.0
+sudo -u postgres pg_conftool set log_destination syslog
+sudo -u postgres pg_conftool set max_wall_senders 3
+sudo -u postgres pg_conftool set wal_keep_size 1GB
+sudo -u postgres pg_conftool set wal_level replica
+sudo -u postgres pg_conftool set wal_log_hints on
+
+sudo -u postgres psql -c "CREATE USER '$REPLICA_USER' REPLICATION LOGIN CONNECTION LIMIT 3 ENCRYPTED PASSWORD '$REPLICA_PASS';"
+${SUDO} echo "host replication $REPLICA_USER $REPLICA_IP/24 trust" >> /etc/postgresql/$POSTGRES_VERSION/main/pg_hba.conf
+
+${SUDO} systemctl restart postgresql
diff --git a/postgres_replication/postgres-replica.sh b/postgres_replication/postgres-replica.sh
new file mode 100644
index 0000000..b6e365c
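Review bot: `echo $PASSWORD_PASS > /usr/local/src/keycloak_db_pass` in keycloak.sh references a variable that is never assigned — the prompt stores the password in `POSTGRES_PASS` — so the saved-password file is written empty, and `CREATE USER $POSTGRES_USER WITH PASSWORD $POSTGRES_PASS` passes the password to SQL unquoted, which PostgreSQL rejects because it expects a string literal; the lines should read `echo "$POSTGRES_PASS" > /usr/local/src/keycloak_db_pass` and `... WITH PASSWORD '$POSTGRES_PASS'`. The configuration is written to `/opt/keycloak/conf/keyclaok.conf`, a misspelling of `keycloak.conf`, so the server will not read the database settings at all. On a checksum mismatch the script only prints "Exit. Hash doesnt match." and still ends with status 0, so a caller cannot tell that the integrity check failed; an `exit 1` after that echo would make the failure visible. Both the password file and the conf file (which stores `db-password` in plaintext) are created with the default umask, so restricting them with `umask 077` before the writes or `chmod 600` afterwards would keep the credential from being world-readable.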
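Review bot: The pg_hba.conf line `host replication $REPLICA_USER $REPLICA_IP/24 trust` in postgres-master.sh lets any host in the replica's /24 open a replication connection without a password, which makes the generated `REPLICA_PASS` irrelevant and hands the WAL stream to the whole subnet; `host replication $REPLICA_USER $REPLICA_IP/32 scram-sha-256` would make the password actually gate access. `pg_conftool set max_wall_senders 3` misspells `max_wal_senders`, and PostgreSQL refuses to start on an unrecognized configuration parameter, so the final `systemctl restart postgresql` is likely to fail. `${SUDO} echo $REPLICA_PASS > /usr/local/src/postgres_replica_password` applies sudo only to `echo` — the redirection runs as the invoking user, so as non-root the write fails, and with sudo set the password is also visible in the argv of the spawned `echo`; `printf '%s\n' "$REPLICA_PASS" | ${SUDO} tee /usr/local/src/postgres_replica_password >/dev/null` (under `umask 077`) avoids both, and the same sudo-redirect problem affects the `>> .../pg_hba.conf` line. `CREATE USER '$REPLICA_USER'` single-quotes the role name, which is a syntax error in PostgreSQL; the name should be a bare or double-quoted identifier.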
--- /dev/null
+++ b/postgres_replication/postgres-replica.sh
@@ -0,0 +1,18 @@
+#! /bin/sh
+
+if [ "$(whoami)" != "root" ]; then
+  SUDO=sudo
+fi
+${SUDO} apt install -y postgresql
+POSTGRES_VERSION=`apt show postgresql | grep Version | cut -d" " -f2 | cut -d"+" -f1`
+read -p "Postgres Master IP: " -ei "" POSTGRES_MASTER
+read -p "Postgres replica username: " -ei "replica_user" REPLICA_USER
+read -p "Postgres replica password: " -ei "" REPLICA_PASS
+
+${SUDO} systemctl stop postgresql
+sudo -u postgres pg_conftool set primary_conninfo "host=$POSTGRES_MASTER port=5432 user=$POSTGRES_USER password=$POSTGRES_PASS"
+sudo -u postgres pg_conftool set primary_slot_name replica_1
+
+
+sudo -u postgres pg_basebackup -h $POSTGRES_MASTER -U -X stream -C -S replica_1 -v -R -W -D /var/lib/postgresql/$POSTGRES_VERSION/main/
+${SUDO} systemctl start postgresql
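Review bot: `pg_conftool set primary_conninfo "host=$POSTGRES_MASTER port=5432 user=$POSTGRES_USER password=$POSTGRES_PASS"` reads variables that are never assigned — the prompts store `REPLICA_USER` and `REPLICA_PASS` — so the standby is configured with an empty user and password, and `pg_basebackup -h $POSTGRES_MASTER -U -X stream` gives `-U` no argument, so `-X` is taken as the user name; the two lines should use `user=$REPLICA_USER password=$REPLICA_PASS` and `-U "$REPLICA_USER" -X stream`. The file starts with `#! /bin/sh` while `read -p ... -ei` is bash-only, so on a Debian/Ubuntu host where sh is dash every prompt fails; the other two scripts already use `#! /bin/bash`. `pg_basebackup -D /var/lib/postgresql/$POSTGRES_VERSION/main/` presumably targets the cluster that `apt install postgresql` just initialised, and pg_basebackup refuses a non-empty data directory, so that directory likely has to be emptied after the stop and before the copy. The replication password also lands in plaintext in postgresql.conf via `primary_conninfo`; placing it in the postgres user's `~/.pgpass` with mode 600 instead keeps it out of the config file.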