diff --git a/deployment/playbooks/01_install_cacert_oidc.yml b/deployment/playbooks/01_install_cacert_oidc.yml index 01fc695..5032556 100644 --- a/deployment/playbooks/01_install_cacert_oidc.yml +++ b/deployment/playbooks/01_install_cacert_oidc.yml @@ -3,6 +3,13 @@ hosts: pgsqlserver become: true + pre_tasks: + + - name: Install python3-psycopg2 + ansible.builtin.package: + name: python3-psycopg2 + state: present + roles: - hydra_database diff --git a/deployment/roles/hydra_server/handlers/main.yml b/deployment/roles/hydra_server/handlers/main.yml index 018486d..63b31e8 100644 --- a/deployment/roles/hydra_server/handlers/main.yml +++ b/deployment/roles/hydra_server/handlers/main.yml @@ -1,2 +1,7 @@ --- -# handlers file for roles/hydra_server +- name: hydra_systemd_reload + ansible.builtin.systemd: + state: started + name: hydra + daemon_reload: true + enabled: true diff --git a/deployment/roles/hydra_server/tasks/main.yml b/deployment/roles/hydra_server/tasks/main.yml index f7a27a2..72a9385 100644 --- a/deployment/roles/hydra_server/tasks/main.yml +++ b/deployment/roles/hydra_server/tasks/main.yml @@ -117,3 +117,17 @@ content: "{{ hydra_tls.keydata }}" when: not use_mkcert + +- name: Run Hydra SQL migrations + ansible.builtin.command: + cmd: "{{ hydra_home }}/bin/hydra migrate sql --yes --read-from-env --config {{ hydra_home }}/etc/hydra.yml" + changed_when: false + +- name: Create systemd unit file + ansible.builtin.template: + src: hydra.service.j2 + dest: /etc/systemd/system/hydra.service + owner: root + group: root + mode: "0640" + notify: hydra_systemd_reload diff --git a/deployment/roles/hydra_server/templates/hydra.service.j2 b/deployment/roles/hydra_server/templates/hydra.service.j2 new file mode 100644 index 0000000..92bc507 --- /dev/null +++ b/deployment/roles/hydra_server/templates/hydra.service.j2 
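Review bot: `state: started` in the `hydra_systemd_reload` handler does not apply a changed unit file to a hydra process that is already running — `daemon_reload: true` makes systemd re-read `hydra.service`, but the live process keeps its old `ExecStart`/`User`/`Group` until it is restarted, so a later play run that edits `hydra.service.j2` leaves stale settings in effect. Since the handler only fires when the template task reports a change, `state: restarted` is the intended semantics here and matches the handler's name. Change the one line to `state: restarted`, or rename the handler to `hydra_systemd_start` if a restart on every unit change is genuinely not wanted and document that choice above it.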
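Review bot: `changed_when: false` on the "Run Hydra SQL migrations" task makes a run that actually alters the database schema report as unchanged, which hides exactly the event an operator most wants to see in the play recap and prevents anything from being notified on it. Register the result instead and derive `changed_when` from the command's output, e.g. `register: hydra_migrate` with a `changed_when:` expression keyed on the marker hydra prints when it applies a migration — the exact string is not visible here and should be confirmed against `hydra migrate sql` output before relying on it. A smaller point in the same task: the `--config` path is passed unquoted (`--config {{ hydra_home }}/etc/hydra.yml`) while the unit template quotes the same path; quoting it here too keeps the command safe for a `hydra_home` containing spaces or shell metacharacters.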
@@ -0,0 +1,13 @@ +[Unit] +Description=ORY Hydra OAuth2/OpenID Connect API server +After=network.target +Documentation=https://www.ory.sh/docs/hydra/ + +[Service] +ExecStart={{ hydra_home }}/bin/hydra serve all --config "{{ hydra_home }}/etc/hydra.yml" +WorkingDirectory={{ hydra_home }} +User={{ hydra_os_user }} +Group={{ hydra_os_group }} + +[Install] +WantedBy=multi-user.target diff --git a/deployment/roles/hydra_server/templates/hydra.yml.j2 b/deployment/roles/hydra_server/templates/hydra.yml.j2 index 358aa84..de94340 100644 --- a/deployment/roles/hydra_server/templates/hydra.yml.j2 +++ b/deployment/roles/hydra_server/templates/hydra.yml.j2 @@ -1,9 +1,11 @@ --- serve: admin: - host: {{ oidc_urls.hydra_admin.host }} + host: {{ oidc_urls.hydra_admin.address | default("localhost") }} + port: {{ oidc_urls.hydra_admin.port | default("4445") }} public: - host: {{ oidc_urls.hydra_public.host }} + host: {{ oidc_urls.hydra_public.address | default("localhost") }} + port: {{ oidc_urls.hydra_public.port | default("4444") }} tls: cert: path: {{ hydra_tls.cert }}
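Review bot: The new `hydra.service` unit runs an internet-facing OAuth2/OIDC server with no sandboxing at all — no `NoNewPrivileges`, `ProtectSystem`, `ProtectHome` or `PrivateTmp` — and no `Restart=` policy, so a crash leaves the identity provider down until someone notices. It also orders on `network.target`, which only guarantees that network interfaces are configured, not that they are up; a service that must reach a database at start should use `network-online.target` (with a matching `Wants=`). Dropping the capability bounding set and making the filesystem read-only are presumably safe for a process that only talks to a SQL backend, but `ProtectSystem=strict` needs a `ReadWritePaths=` entry for any directory hydra writes to, and the `ReadOnlyPaths` line below assumes nothing under `{{ hydra_home }}` is written at runtime — confirm both before shipping. The first `{{ hydra_home }}` in `ExecStart` is also left unquoted while the `--config` argument is quoted; quote both.

```ini
[Unit]
Description=ORY Hydra OAuth2/OpenID Connect API server
After=network-online.target
Wants=network-online.target
# … unchanged: Documentation …

[Service]
ExecStart="{{ hydra_home }}/bin/hydra" serve all --config "{{ hydra_home }}/etc/hydra.yml"
# … unchanged: WorkingDirectory, User, Group …
Restart=on-failure
RestartSec=5
NoNewPrivileges=true
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
ReadOnlyPaths={{ hydra_home }}
CapabilityBoundingSet=
```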
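Review bot: The `| default(...)` filters on `oidc_urls.hydra_admin.address`/`.port` and `oidc_urls.hydra_public.address`/`.port` silently absorb the variable rename from `.host` to `.address`: an inventory that still defines `hydra_public.host` renders `host: localhost` / `port: 4444` without any error, so the public listener quietly binds to loopback only and the breakage is discovered at the first login attempt rather than at deploy time. Loopback is the right fallback for the admin listener, but for the public one consider `{{ oidc_urls.hydra_public.address | mandatory }}` or an `ansible.builtin.assert` on `oidc_urls` before the template task, so a stale variable name fails the play instead of producing a mis-bound endpoint. It is also worth a comment above `admin:` in the template, since as far as I know Hydra's admin API carries no authentication of its own: `# Admin API is unauthenticated by design: keep it on loopback or a private interface and put an authenticating proxy in front if it must be reachable remotely`.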