diff --git a/README.md b/README.md index b6cc348..bbf83b8 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ Available services - Gitlab - [Wireguard](https://github.com/wg-easy/wg-easy) - wikiJS + - PgAdmin Role variables --------------- @@ -62,6 +63,7 @@ Example variables - gitlab - wireguard - wikijs + - pgadmin watchtower_label_enable: true @@ -101,6 +103,12 @@ Example variables wikijs_db_password: 'please-vault-this-too' wikijs_custom_css: - custom.css + + pgadmin_domain: 'pgadmin.example.com' + pgadmin_email: 'admin@example.com' + pgadmin_password: 'please-vault-this-password' + pgadmin_version: 'latest' + pgadmin_watchtower_enable: true ``` TODO diff --git a/defaults/main.yml b/defaults/main.yml index ae1dbd0..5ddf0e1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -14,6 +14,12 @@ grafana_log_level: error grafana_router_logging: false grafana_disable_sanitize_html: true +### PgAdmin +# pgadmin_password: required... +# pgadmin_email: required... +pgadmin_version: 'latest' +pgadmin_watchtower_enable: true + ### Gitlab # gitlab_root_password: required... gitlab_external_url: 'https://{{ gitlab_domain }}' diff --git a/handlers/main.yml b/handlers/main.yml index c5571b1..555350e 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -68,3 +68,10 @@ state: restarted ignore_errors: '{{ ansible_check_mode }}' tags: ['docker_wikijs'] + +- name: pgadmin-restart + systemd: + name: docker-compose@pgadmin + state: restarted + ignore_errors: '{{ ansible_check_mode }}' + tags: ['docker_pgadmin'] diff --git a/tasks/main.yml b/tasks/main.yml index ae8a716..88bd179 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -17,5 +17,6 @@ - docker_redisinsight - docker_gitlab - docker-gitlab-runner + - docker_pgadmin with_items: - "{{ docker_services }}" diff --git a/tasks/pgadmin.yml b/tasks/pgadmin.yml new file mode 100644 index 0000000..254b228 --- /dev/null +++ b/tasks/pgadmin.yml 
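Review bot: In defaults/main.yml, `pgadmin_version: 'latest'` together with `pgadmin_watchtower_enable: true` means that whatever is published under the image's `latest` tag gets pulled and run automatically, assuming watchtower acts on this label as it does for the other services. That is a weak default for a container that stores database connection credentials. Consider defaulting to a pinned release tag and making auto-update opt-in with `pgadmin_watchtower_enable: false`, plus a comment above `pgadmin_version` such as `# pin to a specific release tag in production`. The commented `required...` lines could also list `pgadmin_domain`, which tasks/pgadmin.yml asserts alongside the email and password.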
@@ -0,0 +1,17 @@
+---
+- name: pgadmin | check vars are defined
+ assert:
+ that:
+ - pgadmin_domain is defined
+ - pgadmin_email is defined
+ - pgadmin_password is defined
+ tags: ['docker_pgadmin']
+
+- include_tasks: base.yml
+ tags: ['docker_pgadmin']
+
+- name: pgadmin | create docker volume data
+ docker_volume:
+ name: pgadmin__data
+ when: docker_services_external_volumes
+ tags: ['docker_pgadmin']
diff --git a/templates/compose/pgadmin.yml.j2 b/templates/compose/pgadmin.yml.j2
new file mode 100644
index 0000000..50fd193
--- /dev/null
+++ b/templates/compose/pgadmin.yml.j2
@@ -0,0 +1,43 @@
+networks:
+{% if docker_services_external_networks %}
+ traefik:
+ external: true
+{% else %}
+ traefik:
+ name: traefik
+{% endif %}
+
+volumes:
+{% if docker_services_external_volumes %}
+ pgadmin__data:
+ external: true
+{% else %}
+ pgadmin__data:
+ name: pgadmin__data
+{% endif %}
+
+services:
+ pgadmin:
+ container_name: pgadmin
+ image: dpage/pgadmin4:{{ pgadmin_version | default("latest") }}
+ restart: unless-stopped
+ environment:
+ PGADMIN_DEFAULT_EMAIL: "{{ pgadmin_email }}"
+ PGADMIN_DEFAULT_PASSWORD: "{{ pgadmin_password }}"
+ PGADMIN_LISTEN_PORT: "80"
+ volumes:
+ - pgadmin__data:/var/lib/pgadmin
+ labels:
+ traefik.enable: true
+ traefik.docker.network: traefik
+ traefik.http.routers.pgadmin.rule: Host(`{{ pgadmin_domain }}`)
+ traefik.http.routers.pgadmin.tls: true
+ traefik.http.routers.pgadmin.tls.certresolver: letsencrypt
+ traefik.http.routers.pgadmin.entrypoints: websecure
+{% if traefik_ipwhitelist is defined %}
+ traefik.http.routers.pgadmin.middlewares: "clientips@docker"
+{% endif %}
+ traefik.http.services.pgadmin.loadbalancer.server.port: 80
+ com.centurylinklabs.watchtower.enable: {{ pgadmin_watchtower_enable | default('true') }}
+ networks:
+ - traefik
\ No newline at end of file
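Review bot: The assert in tasks/pgadmin.yml only tests `is defined`, so an empty `pgadmin_password` or `pgadmin_email` passes the check and is rendered into the compose file as the default admin account. Tightening each condition catches this before the service is deployed, for example `- pgadmin_password is defined and pgadmin_password | length > 0`, and likewise for the email and domain. A `fail_msg` naming the missing variable would make the failure easier to act on.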
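Review bot: In templates/compose/pgadmin.yml.j2 the `clientips@docker` middleware is attached only when `traefik_ipwhitelist` is defined, so on hosts without it the pgAdmin login is routed on `websecure` for anyone who can reach `pgadmin_domain`, protected by the default account's password alone. For a database administration console it would be safer to make the source-IP restriction the default, or at least to state in the README that `traefik_ipwhitelist` should be set before enabling this service. Separately, `PGADMIN_DEFAULT_PASSWORD: "{{ pgadmin_password }}"` breaks on passwords containing `"` or `\`, and Compose treats `$` in the value as variable interpolation; `PGADMIN_DEFAULT_PASSWORD: {{ pgadmin_password | replace('$', '$$') | to_json }}` renders a safely quoted literal. The rendered compose file holds that password in clear text, so the task that writes it (presumably in base.yml, not visible here) should set a restrictive file mode.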