diff --git a/base-services.yml b/base-services.yml
index 6839162..11816a7 100644
--- a/base-services.yml
+++ b/base-services.yml
@@ -1,168 +1,171 @@ version: "3.7" services: memcache: image: memcached deploy: replicas: 1 db-storage: image: postgres:13 deploy: mode: global placement: constraints: - node.role == manager command: ['-c', 'shared_buffers=4GB', '-c', 'effective_cache_size=4GB', '-c', 'random_page_cost=1.5', '-c', 'max_wal_size=4GB'] environment: - POSTGRES_PASSWORD_FILE: /run/secrets/postgres-storage-password + POSTGRES_PASSWORD_FILE: /run/secrets/postgres-password POSTGRES_USER: swh POSTGRES_DB: # unset POSTGRES_DB: we're handling db creation ourselves in the backend volumes: - "storage-db:/var/lib/postgresql/data:rw,Z" secrets: - source: postgres-storage-password + target: postgres-password uid: '999' mode: 0400 db-web: image: postgres:13 deploy: mode: global placement: constraints: - node.role == manager command: ['-c', 'shared_buffers=4GB', '-c', 'effective_cache_size=4GB', '-c', 'random_page_cost=1.5', '-c', 'max_wal_size=4GB'] environment: - POSTGRES_PASSWORD_FILE: /run/secrets/postgres-web-password + POSTGRES_PASSWORD_FILE: /run/secrets/postgres-password POSTGRES_USER: swh - POSTGRES_DB: - # unset POSTGRES_DB: we're handling db creation ourselves in the backend + POSTGRES_DB: swh-web volumes: - "web-db:/var/lib/postgresql/data:rw,Z" secrets: - source: postgres-web-password + target: postgres-password uid: '999' mode: 0400 web: image: softwareheritage/web:${SWH_IMAGE_TAG:-latest} configs: - source: web target: /etc/softwareheritage/config.yml command: serve environment: PORT: "5004" PGHOST: db-web PGUSER: swh POSTGRES_DB: swh-web depends_on: - db-web - memcache secrets: - source: postgres-web-password + target: postgres-password mode: 0400 objstorage: image: softwareheritage/base:${SWH_IMAGE_TAG:-latest} deploy: placement: constraints: - node.role == manager volumes: - "objstorage:/srv/softwareheritage/objects:rw,Z" configs: - source: objstorage target: /etc/softwareheritage/config.yml environment: PORT: "5003" STATSD_HOST: prometheus-statsd-exporter STATSD_PORT: 9125 
command: objstorage storage: image: softwareheritage/base:${SWH_IMAGE_TAG:-latest} configs: - source: storage target: /etc/softwareheritage/config.yml environment: PGHOST: db-storage PGUSER: swh POSTGRES_DB: swh-storage PORT: "5002" STATSD_HOST: prometheus-statsd-exporter STATSD_PORT: 9125 command: storage depends_on: - db-storage secrets: - source: postgres-storage-password + target: postgres-password mode: 0400 nginx: image: nginx configs: - source: nginx target: /etc/nginx/nginx.conf ports: - "5081:5081/tcp" deploy: placement: constraints: - node.role == manager prometheus: image: prom/prometheus depends_on: - prometheus-statsd-exporter command: # Needed for the reverse-proxy - "--web.external-url=/prometheus" - "--config.file=/etc/prometheus/prometheus.yml" volumes: - "./conf/prometheus.yml:/etc/prometheus/prometheus.yml:ro,Z" deploy: mode: global prometheus-statsd-exporter: image: prom/statsd-exporter command: - "--statsd.mapping-config=/etc/prometheus/statsd-mapping.yml" volumes: - "./conf/prometheus-statsd-mapping.yml:/etc/prometheus/statsd-mapping.yml:ro,Z" grafana: image: grafana/grafana depends_on: - prometheus environment: GF_SERVER_ROOT_URL: http://localhost:5081/grafana volumes: - "./conf/grafana/provisioning:/etc/grafana/provisioning:ro,Z" - "./conf/grafana/dashboards:/var/lib/grafana/dashboards:rw,Z" volumes: objstorage: storage-db: web-db: secrets: postgres-storage-password: external: true postgres-web-password: external: true configs: storage: file: conf/storage.yml name: storage objstorage: file: conf/objstorage.yml name: objstorage nginx: file: conf/nginx.conf name: nginx web: file: conf/web.yml name: web diff --git a/images/tools/pgsql.sh b/images/tools/pgsql.sh index 3dee026..c525595 100755 --- a/images/tools/pgsql.sh +++ b/images/tools/pgsql.sh 
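Review bot: The `web` and `storage` secret entries gain `target: postgres-password` but still carry only `mode: 0400` with no `uid`/`gid`, so the mounted file is owned by root and readable by root alone; the two database services set `uid: '999'` next to the same mode. Whether the softwareheritage images run as an unprivileged user is not visible on this page, but if they do, the entrypoint's `[ -f /run/secrets/postgres-password ]` test will pass while `cat $POSTGRES_PASSWORD_FILE` in `setup_pgsql` fails to read the file. Either add a `uid:` for the runtime user to both entries, as the database services do, or add a comment such as `# read by the entrypoint as root before privileges are dropped` so the 0400 mode is a documented choice.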
@@ -1,43 +1,46 @@ #!/bin/bash setup_pgsql () { : > ~/.pgpass : > ~/.pg_service.conf PGPASSWORD=$(cat $POSTGRES_PASSWORD_FILE) echo "${PGHOST}:5432:template1:${PGUSER}:${PGPASSWORD}" >> ~/.pgpass echo "${PGHOST}:5432:${PGUSER}:${PGUSER}:${PGPASSWORD}" >> ~/.pgpass echo "${PGHOST}:5432:${POSTGRES_DB}:${PGUSER}:${PGPASSWORD}" >> ~/.pgpass cat > ~/.pg_service.conf </dev/null 2>/dev/null } diff --git a/images/web/entrypoint.sh b/images/web/entrypoint.sh index e282405..e4d61a7 100755 --- a/images/web/entrypoint.sh +++ b/images/web/entrypoint.sh @@ -1,51 +1,53 @@ #!/bin/bash set -e source /srv/softwareheritage/utils/pgsql.sh # generate the pgservice file if any if [ -f /run/secrets/postgres-password ]; then POSTGRES_PASSWORD_FILE=/run/secrets/postgres-password setup_pgsql fi if [ "$1" = 'shell' ] ; then shift if (( $# == 0)); then exec bash -i else "$@" fi else + wait_pgsql + create_admin_script=" from django.contrib.auth import get_user_model; username = 'admin'; password = 'admin'; email = 'admin@swh-web.org'; User = get_user_model(); if not User.objects.filter(username = username).exists(): User.objects.create_superuser(username, email, password); " echo "Migrating db using ${DJANGO_SETTINGS_MODULE}" django-admin migrate --settings=${DJANGO_SETTINGS_MODULE} echo "Creating admin user" echo "$create_admin_script" | python3 -m swh.web.manage shell echo "starting the swh-web server" mkdir -p /var/run/gunicorn/swh/web gunicorn3 \ --bind 0.0.0.0:5004 \ --bind unix:/var/run/gunicorn/swh/web/sock \ --threads 2 \ --workers 2 \ --timeout 3600 \ + --access-logfile '-' \ + --config 'python:swh.web.gunicorn_config' \ 'django.core.wsgi:get_wsgi_application()' - # give some time to log in and check a few things before dying - sleep 180 fi
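Review bot: The `create_admin_script` kept by this change still creates a Django superuser with the fixed credentials `admin`/`admin`, and with the `sleep 180` debugging line removed this entrypoint now reads as the regular start-up path for a server bound to `0.0.0.0:5004`. The password should come from a Docker secret in the same way the database password does, for example `password = open('/run/secrets/<admin-password-secret>').read().strip();` (placeholder secret name), and the script should skip account creation when that secret is absent. Separately, the added `wait_pgsql` runs even when `/run/secrets/postgres-password` is missing and `setup_pgsql` was skipped. Its body is only partly visible on this page, but it discards psql output, so a missing secret would likely surface as a silent hang; call it inside the same `if` block or fail fast with an error message.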