diff --git a/concourse/README.md b/concourse/README.md
index ec78ff7..2f60b4b 100644
--- a/concourse/README.md
+++ b/concourse/README.md
@@ -4,7 +4,7 @@
 
 This chart bootstraps a [Concourse](https://concourse.ci/) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 
-It is inspired by the [upstream Concourse chart](https://github.com/kubernetes/charts/tree/master/stable/concourse) but uses the [Azure Service Broker](https://github.com/Azure/azure-service-broker) to provision an [Azure Database for PostgreSQL](https://azure.microsoft.com/services/postgresql/) for Concourse to use.
+It is inspired by the [upstream Concourse chart](https://github.com/kubernetes/charts/tree/master/stable/concourse) but, by default, uses the [Azure Service Broker](https://github.com/Azure/azure-service-broker) to provision an [Azure Database for PostgreSQL](https://azure.microsoft.com/services/postgresql/) for Concourse to use.
 
 ## Basic Installation 
 
@@ -118,7 +118,7 @@ The following tables lists the configurable parameters of the Concourse chart an
 | `web.nameOverride` | Override the Concourse Web components name | `web` |
 | `web.replicas` | Number of Concourse Web replicas | `1` |
 | `web.resources` | Concourse Web resource requests and limits | `{requests: {cpu: "100m", memory: "128Mi"}}` |
-| `web.service.type` | Concourse Web service type | `NodePort` |
+| `web.service.type` | Concourse Web service type | `ClusterIP` |
 | `web.ingress.enabled` | Enable Concourse Web Ingress | `false` |
 | `web.ingress.annotations` | Concourse Web Ingress annotations | `{}` |
 | `web.ingress.hosts` | Concourse Web Ingress Hostnames | `[]` |
@@ -138,6 +138,22 @@ The following tables lists the configurable parameters of the Concourse chart an
 | `persistence.worker.accessMode` | Concourse Worker Persistent Volume Access Mode | `ReadWriteOnce` |
 | `persistence.worker.size` | Concourse Worker Persistent Volume Storage Size | `20Gi` |
 
+The following configuration options are utilized only if `postgresql.embedded` is set to `false` (the default):
+
+| Parameter               | Description                           | Default                                                    |
+| ----------------------- | ----------------------------------    | ---------------------------------------------------------- |
+| `postgresql.azure.servicePlan` | The service plan to use | `basic100` |
+| `postgresql.azure.location` | The Azure region to deploy the PostgreSQL service to | `westus2` |
+
+The following configuration options are utilized only if `postgresql.embedded` is set to `true`:
+
+| Parameter               | Description                           | Default                                                    |
+| ----------------------- | ----------------------------------    | ---------------------------------------------------------- |
+| `postgresql.postgresUser` | PostgreSQL User to create | `concourse` |
+| `postgresql.postgresPassword` | PostgreSQL Password for the new user | `concourse` |
+| `postgresql.postgresDatabase` | PostgreSQL Database to create | `concourse` |
+| `postgresql.persistence.enabled` | Enable PostgreSQL persistence using Persistent Volume Claims | `true` |
+
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
 
 Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
diff --git a/concourse/requirements.lock b/concourse/requirements.lock
new file mode 100644
index 0000000..686b933
--- /dev/null
+++ b/concourse/requirements.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://kubernetes-charts.storage.googleapis.com/
+  version: 0.8.3
+digest: sha256:b45d347725e8cb5aa4b0d97732ffccd1a60927b701126c1e596f7e488395681c
+generated: 2017-11-08T11:51:43.770522-05:00
diff --git a/concourse/requirements.yaml b/concourse/requirements.yaml
new file mode 100644
index 0000000..81d90d0
--- /dev/null
+++ b/concourse/requirements.yaml
@@ -0,0 +1,5 @@
+dependencies:
+- name: postgresql
+  version: 0.8.3
+  repository: https://kubernetes-charts.storage.googleapis.com/
+  condition: postgresql.embedded
diff --git a/concourse/templates/_helpers.tpl b/concourse/templates/_helpers.tpl
index 9556431..7afe0ea 100644
--- a/concourse/templates/_helpers.tpl
+++ b/concourse/templates/_helpers.tpl
@@ -23,4 +23,13 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{- define "concourse.worker.fullname" -}}
 {{- $name := default "worker" .Values.worker.nameOverride -}}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+
+{{/*
+Create a default fully qualified postgresql name.
+We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "concourse.postgresql.fullname" -}}
+{{- $name := default "postgresql" .Values.postgresql.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 24 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/concourse/templates/configmap.yaml b/concourse/templates/configmap.yaml
index e45bc22..037bc77 100644
--- a/concourse/templates/configmap.yaml
+++ b/concourse/templates/configmap.yaml
@@ -8,6 +8,10 @@ metadata:
     release: "{{ .Release.Name }}"
     heritage: "{{ .Release.Service }}"
 data:
+  {{- if .Values.postgresql.embedded }}
+  postgresql-host: {{ template "concourse.postgresql.fullname" . }}
+  postgresql-database: {{ .Values.postgresql.postgresDatabase | quote }}
+  {{- end }}
   concourse-atc-port: {{ .Values.concourse.atcPort | quote }}
   concourse-tsa-host: {{ template "concourse.web.fullname" . }}
   concourse-tsa-port: {{ .Values.concourse.tsaPort | quote }}
diff --git a/concourse/templates/postgresql-binding.yaml b/concourse/templates/postgresql-binding.yaml
index e5af1fd..8665a92 100644
--- a/concourse/templates/postgresql-binding.yaml
+++ b/concourse/templates/postgresql-binding.yaml
@@ -1,3 +1,4 @@
+{{- if not .Values.postgresql.embedded }}
 apiVersion: servicecatalog.k8s.io/v1beta1
 kind: ServiceBinding
 metadata:
@@ -11,3 +12,4 @@ spec:
   instanceRef:
     name: {{ template "concourse.concourse.fullname" . }}-postgres-instance
   secretName: {{ template "concourse.concourse.fullname" . }}-postgres-secret
+{{- end }}
diff --git a/concourse/templates/postgresql-instance.yaml b/concourse/templates/postgresql-instance.yaml
index e448100..f2180c9 100644
--- a/concourse/templates/postgresql-instance.yaml
+++ b/concourse/templates/postgresql-instance.yaml
@@ -1,3 +1,4 @@
+{{- if not .Values.postgresql.embedded }}
 apiVersion: servicecatalog.k8s.io/v1beta1
 kind: ServiceInstance
 metadata:
@@ -9,8 +10,9 @@ metadata:
     heritage: "{{ .Release.Service }}"
 spec:
   clusterServiceClassExternalName: azure-postgresqldb
-  clusterServicePlanExternalName: {{ .Values.azurePostgres.servicePlan }}
+  clusterServicePlanExternalName: {{ .Values.postgresql.azure.servicePlan }}
   parameters:
-    location: {{ .Values.azurePostgres.location }}
+    location: {{ .Values.postgresql.azure.location }}
     resourceGroup: {{ .Release.Namespace }}
     sslEnforcement: disabled
+{{- end }}
diff --git a/concourse/templates/secrets.yaml b/concourse/templates/secrets.yaml
index f3e9342..53ba3b0 100644
--- a/concourse/templates/secrets.yaml
+++ b/concourse/templates/secrets.yaml
@@ -9,6 +9,9 @@ metadata:
     heritage: "{{ .Release.Service }}"
 type: Opaque
 data:
+  {{ if .Values.postgresql.embedded }}
+  postgresql-user: {{ .Values.postgresql.postgresUser | b64enc | quote }}
+  {{- end }}
   basic-auth-username: {{ .Values.concourse.username | b64enc | quote }}
   basic-auth-password: {{ .Values.concourse.password | b64enc | quote }}
   host-key: {{ .Values.concourse.hostKey | b64enc | quote }}
diff --git a/concourse/templates/web-deployment.yaml b/concourse/templates/web-deployment.yaml
index b9e38d5..0136a9d 100644
--- a/concourse/templates/web-deployment.yaml
+++ b/concourse/templates/web-deployment.yaml
@@ -21,6 +21,30 @@ spec:
           args:
             - "web"
           env:
+            {{ if .Values.postgresql.embedded }}
+            - name: POSTGRES_HOST
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ template "concourse.concourse.fullname" . }}
+                  key: postgresql-host
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "concourse.concourse.fullname" . }}
+                  key: postgresql-user
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "concourse.postgresql.fullname" . }}
+                  key: postgres-password
+            - name: POSTGRES_DATABASE
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ template "concourse.concourse.fullname" . }}
+                  key: postgresql-database
+            - name: CONCOURSE_POSTGRES_DATA_SOURCE
+              value: postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST)/$(POSTGRES_DATABASE)?sslmode=disable
+            {{ else }}
             - name: POSTGRES_HOST
               valueFrom:
                 secretKeyRef:
@@ -42,7 +66,8 @@ spec:
                   name: {{ template "concourse.concourse.fullname" . }}-postgres-secret
                   key: database
             - name: CONCOURSE_POSTGRES_DATA_SOURCE
-              value: postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST)/$(POSTGRES_DATABASE)?sslmode=disable
+              value: postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST)/$(POSTGRES_DATABASE)?sslmode=require
+            {{ end }}
             {{ if .Values.encryptionKey }}
             - name: CONCOURSE_ENCRYPTION_KEY
               valueFrom:
diff --git a/concourse/values.yaml b/concourse/values.yaml
index 6f26118..c70f148 100644
--- a/concourse/values.yaml
+++ b/concourse/values.yaml
@@ -451,6 +451,44 @@ persistence:
     ##
     size: 20Gi
 
-azurePostgres:
-  location: westus2
-  servicePlan: basic100
\ No newline at end of file
+## Configuration values for the postgresql dependency.
+## ref: https://github.com/kubernetes/charts/blob/master/stable/postgresql/README.md
+##
+postgresql:
+
+  ## Use the PostgreSQL chart dependency.
+  ##
+  embedded: false
+
+  ## ALL OF THE FOLLOWING CONFIGURATION IS APPLICABLE ONLY IF
+  ## postgresql.embedded is set to false
+  ##
+
+  azure:
+    servicePlan: basic100
+    location: eastus
+
+  ## ALL OF THE FOLLOWING CONFIGURATION IS APPLICABLE ONLY IF
+  ## postgresql.embedded is set to true
+  ##
+
+  ### PostgreSQL User to create.
+  ##
+  postgresUser: concourse
+
+  ## PostgreSQL Password for the new user.
+  ## If not set, a random 10 characters password will be used.
+  ##
+  postgresPassword: concourse
+
+  ## PostgreSQL Database to create.
+  ##
+  postgresDatabase: concourse
+
+  ## Persistent Volume Storage configuration.
+  ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes
+  ##
+  persistence:
+    ## Enable PostgreSQL persistence using Persistent Volume Claims.
+    ##
+    enabled: true