diff --git a/roles/koji_db/tasks/main.yml b/roles/koji_db/tasks/main.yml
index 5b87c17546..f1d05e576e 100644
--- a/roles/koji_db/tasks/main.yml
+++ b/roles/koji_db/tasks/main.yml
@@ -2,6 +2,12 @@
 #
 # These tasks only run on koji db servers from the postgresql playbook
 #
+- name: iptables
+ template: src=templates/pg_hba.conf.j2 dest=/var/lib/pgsql/data/pg_hba.conf mode=600 backup=yes
+ notify:
+ - restart postgresql
+ tags:
+ - config
 #
 # create a koji database if not already created
@@ -29,3 +35,4 @@
 tags:
 - db
 only_if: '$is_kojidb'
+
diff --git a/roles/koji_db/templates/pg_hba.conf.j2 b/roles/koji_db/templates/pg_hba.conf.j2
new file mode 100644
index 0000000000..c220704790
--- /dev/null
+++ b/roles/koji_db/templates/pg_hba.conf.j2
@@ -0,0 +1,4 @@
+local all all ident
+host koji koji {{ ansible_eth0["ipv4"]["address"] }} 255.255.255.255 md5
+host all all 0.0.0.0 0.0.0.0 md5
+host all all ::1/128 md5
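Review bot: The new task is named `iptables` but installs `pg_hba.conf`, so play output will mislabel a change to database access control; rename it, e.g. `- name: install pg_hba.conf`. The template line sets `mode=600` with no owner or group, so on a host where the file does not already exist it would presumably be created as the connecting user (likely root) and PostgreSQL could not read it; `owner=postgres group=postgres mode=0600` states the intended permissions explicitly. `backup=yes` also leaves copies of the previous rules in the data directory, which is worth knowing when auditing what access was allowed before.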
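Review bot: The third rule, `host all all 0.0.0.0 0.0.0.0 md5`, accepts password logins from every IPv4 address to every database and role, which makes the koji-specific rule above it redundant and leaves the firewall and `listen_addresses` as the only network restriction. Restrict it to the clients that need access, for example `host koji koji <KOJI_HUB_ADDRESS> 255.255.255.255 md5` with the address supplied from inventory (placeholder, not a value on this page). The koji rule uses `ansible_eth0["ipv4"]["address"]`, which is a fact of the host being configured, so it appears to admit the database server's own address rather than the hub's; confirm that is intended. `hostssl` instead of `host` would require TLS for these connections, and `scram-sha-256` is a stronger method than `md5` where the server version supports it.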