diff --git a/inventory/inventory b/inventory/inventory
index 8f7d94ed3c..6aabf2d7a3 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -406,12 +406,20 @@ proxy01.stg.phx2.fedoraproject.org
 [qa]
 qa01.dev.fedoraproject.org
 
+[resultsdb:children]
+resultsdb-dev
+resultsdb-stg
+resultsdb-prod
+
 [resultsdb-stg]
 resultsdb-stg01.qa.fedoraproject.org
 
 [resultsdb-dev]
 resultsdb-dev01.qa.fedoraproject.org
 
+[resultsdb-prod]
+resultsdb01.qa.fedoraproject.org
+
 [smtp-mm]
 smtp-mm-ib01.fedoraproject.org
 smtp-mm-telia01.fedoraproject.org
@@ -484,6 +492,7 @@ tagger01.stg.phx2.fedoraproject.org
 [taskotron:children]
 taskotron-dev
 taskotron-stg
+taskotron-prod
 
 [taskotron-dev]
 taskotron-dev01.qa.fedoraproject.org
@@ -506,6 +515,9 @@ taskotron-client19.qa.fedoraproject.org
 taskotron-client20.qa.fedoraproject.org
 taskotron-client21.qa.fedoraproject.org
 
+[taskotron-prod]
+taskotron01.qa.fedoraproject.org
+
 [monitor]
 monitor.qa.fedoraproject.org
 
diff --git a/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2 b/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2
index 51b90621c1..400bef99b7 100644
--- a/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2
+++ b/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2
@@ -22,6 +22,9 @@ c['slaves'] = [
                 {% if deployment_type == 'stg' %}
                 BuildSlave("{{ buildslave }}", "{{ stg_buildslave_password }}"),
                 {% endif %}
+                {% if deployment_type == 'prod' %}
+                BuildSlave("{{ buildslave }}", "{{ prod_buildslave_password }}"),
+                {% endif %}
                 {% endfor %}
               ]
 
@@ -243,4 +246,7 @@ c['db'] = {
     {% if deployment_type == 'stg' %}
     'db_url' : "postgresql://{{ stg_buildmaster_db_user }}:{{ stg_buildmaster_db_password }}@{{ buildmaster_db_host }}/{{ buildmaster_db_name }}",
     {% endif %}
+    {% if deployment_type == 'prod' %}
+    'db_url' : "postgresql://{{ prod_buildmaster_db_user }}:{{ prod_buildmaster_db_password }}@{{ buildmaster_db_host }}/{{ buildmaster_db_name }}",
+    {% endif %}
 }
diff --git a/roles/taskotron/buildmaster/tasks/main.yml b/roles/taskotron/buildmaster/tasks/main.yml
index 066a2a6983..11c9a8a77e 100644
--- a/roles/taskotron/buildmaster/tasks/main.yml
+++ b/roles/taskotron/buildmaster/tasks/main.yml
@@ -23,16 +23,23 @@
   sudo_user: postgres
   action: postgresql_db db={{ buildmaster_db_name }}
 
-- name: ensure dev user has access to dev database
+- name: ensure dev db user has access to dev database
   when: deployment_type == 'dev'
   delegate_to: "{{ buildmaster_db_host }}"
   sudo: true
   sudo_user: postgres
   action: postgresql_user db={{ buildmaster_db_name }} user={{ dev_buildmaster_db_user }} password={{ dev_buildmaster_db_password }} role_attr_flags=NOSUPERUSER
 
-- name: ensure stg user has access to dev database
+- name: ensure stg db user has access to stg database
   when: deployment_type == 'stg'
   delegate_to: "{{ buildmaster_db_host }}"
   sudo: true
   sudo_user: postgres
   action: postgresql_user db={{ buildmaster_db_name }} user={{ stg_buildmaster_db_user }} password={{ stg_buildmaster_db_password }} role_attr_flags=NOSUPERUSER
+
+- name: ensure prod db user has access to prod database
+  when: deployment_type == 'prod'
+  delegate_to: "{{ buildmaster_db_host }}"
+  sudo: true
+  sudo_user: postgres
+  action: postgresql_user db={{ buildmaster_db_name }} user={{ prod_buildmaster_db_user }} password={{ prod_buildmaster_db_password }} role_attr_flags=NOSUPERUSER
diff --git a/roles/taskotron/resultsdb-backend/tasks/main.yml b/roles/taskotron/resultsdb-backend/tasks/main.yml
index 7e382a7216..1aa4a81401 100644
--- a/roles/taskotron/resultsdb-backend/tasks/main.yml
+++ b/roles/taskotron/resultsdb-backend/tasks/main.yml
@@ -12,26 +12,27 @@
   sudo: true
   action: postgresql_db db={{ resultsdb_db_name }}
 
-- name: ensure production resultsdb user has access to prod database
-  when: deployment_type == 'prod'
+- name: ensure dev resultsdb db user has access to dev database
+  when: deployment_type == 'dev'
   delegate_to: "{{ resultsdb_db_host }}"
   sudo_user: postgres
   sudo: true
-  action: postgresql_user db={{ resultsdb_db_name }} user={{ prod_resultsdb_db_user }} password={{ prod_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
+  action: postgresql_user db={{ resultsdb_db_name }} user={{ dev_resultsdb_db_user }} password={{ dev_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
 
-- name: ensure stg resultsdb user has access to stg database
+- name: ensure stg resultsdb db user has access to stg database
   when: deployment_type == 'stg'
   delegate_to: "{{ resultsdb_db_host }}"
   sudo_user: postgres
   sudo: true
   action: postgresql_user db={{ resultsdb_db_name }} user={{ stg_resultsdb_db_user }} password={{ stg_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
 
-- name: ensure resultsdb user has access to dev database
-  when: deployment_type == 'dev'
+- name: ensure prod resultsdb db user has access to prod database
+  when: deployment_type == 'prod'
   delegate_to: "{{ resultsdb_db_host }}"
   sudo_user: postgres
   sudo: true
-  action: postgresql_user db={{ resultsdb_db_name }} user={{ dev_resultsdb_db_user }} password={{ dev_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
+  action: postgresql_user db={{ resultsdb_db_name }} user={{ prod_resultsdb_db_user }} password={{ prod_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
+
 
 - name: ensure selinux lets httpd talk to postgres
   seboolean: name=httpd_can_network_connect_db persistent=yes state=yes
diff --git a/roles/taskotron/resultsdb-frontend/templates/settings.py.j2 b/roles/taskotron/resultsdb-frontend/templates/settings.py.j2
index 5a70133800..8fe8088eeb 100644
--- a/roles/taskotron/resultsdb-frontend/templates/settings.py.j2
+++ b/roles/taskotron/resultsdb-frontend/templates/settings.py.j2
@@ -1,7 +1,15 @@
 # while you can use this as a template, we recommend that you use the blockerbugs
 # cli to generate a config file
 RDB_URL = 'http://127.0.0.1/{{ resultsdb_endpoint }}/api/v1.0'
-SECRET_KEY = '{{ resultsdb_frontend_secret_key }}'
+{%- if deployment_type == 'dev' %}
+SECRET_KEY = '{{ dev_resultsdb_frontend_secret_key }}'
+{% endif %}
+{%- if deployment_type == 'stg' %}
+SECRET_KEY = '{{ stg_resultsdb_frontend_secret_key }}'
+{% endif %}
+{%- if deployment_type == 'prod' %}
+SECRET_KEY = '{{ prod_resultsdb_frontend_secret_key }}'
+{% endif %}
 FILE_LOGGING = False
 LOGFILR = '/var/log/resultsdb_frontend/resultsdb_frontend.log'
 SYSLOG_LOGGING = False
diff --git a/roles/taskotron/taskotron-frontend/tasks/main.yml b/roles/taskotron/taskotron-frontend/tasks/main.yml
index 5529428116..f4da1ecc86 100644
--- a/roles/taskotron/taskotron-frontend/tasks/main.yml
+++ b/roles/taskotron/taskotron-frontend/tasks/main.yml
@@ -17,8 +17,6 @@
 - name: copy fonts
   copy: src={{ bigfiles }}/fonts dest=/var/www/html/static/fonts owner=apache group=apache mode=0644
 
-# this isn't actually a template right now, some variable and inventory mongering
-# are going to be needed to get vars for taskotron master, resultsdb host etc.
 - name: generate landing page
   template: src=landingpage.html.j2 dest=/var/www/html/index.html owner=apache group=apache mode=0644