diff --git a/manifests/swh/deploy/deposit.pp b/manifests/swh/deploy/deposit.pp
index 8657da1..96b1e69 100644
--- a/manifests/swh/deploy/deposit.pp
+++ b/manifests/swh/deploy/deposit.pp
@@ -1,111 +1,112 @@
 # Deployment of the swh.deposit server
 
 class profile::swh::deploy::deposit {
   $conf_directory = hiera('swh::deploy::deposit::conf_directory')
 
   $swh_conf_file = hiera('swh::deploy::deposit::swh_conf_file')
   $user = hiera('swh::deploy::deposit::user')
   $group = hiera('swh::deploy::deposit::group')
   $swh_conf_raw = hiera('swh::deploy::deposit::config')
 
-  $swh_setting_file = hiera('swh::deploy::deposit::settings_conf_file')
+  $swh_settings_file = hiera('swh::deploy::deposit::settings_conf_file')
+  $db_name = hiera('swh::deploy::deposit::db::dbname')
   $db_host = hiera('swh::deploy::deposit::db::host')
   $db_port = hiera('swh::deploy::deposit::db::port')
   $db_user = hiera('swh::deploy::deposit::db::user')
   $db_password = hiera('swh::deploy::deposit::db::password')
   $runtime_secret_key = hiera('swh::deploy::deposit::runtime_secret_key')
 
   $swh_packages = ['python3-swh.deposit']
 
   $backend_listen_host = hiera('swh::deploy::deposit::backend::listen::host')
   $backend_listen_port = hiera('swh::deploy::deposit::backend::listen::port')
   $backend_listen_address = "${backend_listen_host}:${backend_listen_port}"
 
   $backend_workers = hiera('swh::deploy::deposit::backend::workers')
   $backend_http_keepalive = hiera('swh::deploy::deposit::backend::http_keepalive')
   $backend_http_timeout = hiera('swh::deploy::deposit::backend::http_timeout')
   $backend_reload_mercy = hiera('swh::deploy::deposit::backend::reload_mercy')
 
   include ::gunicorn
 
   package {$swh_packages:
     ensure  => latest,
     require => Apt::Source['softwareheritage'],
   }
 
   file {$conf_directory:
     ensure => directory,
     owner  => 'root',
     group  => $group,
     mode   => '0750',
   }
 
   # swh's configuration part (upload size, etc...)
   file {$swh_conf_file:
     ensure  => present,
     owner   => 'root',
     group   => $group,
     mode    => '0640',
     content => inline_template("<%= @swh_conf_raw.to_yaml %>\n"),
     notify  => Service['gunicorn-swh-deposit'],
   }
 
   # django settings part (db, template, etc...)
   file {$swh_settings_file:
     ensure => present,
-    owner  => 'root'
+    owner  => 'root',
     group   => $group,
     mode    => '0640',
     content => template('profile/swh/deploy/deposit/settings.py.erb'),
     notify  => Service['gunicorn-swh-deposit'],
   }
 
   ::gunicorn::instance {'swh-deposit':
     ensure     => enabled,
     user       => $user,
     group      => $group,
     executable => 'swh.deposit.wsgi',
     settings   => {
       bind             => $backend_listen_address,
       workers          => $backend_workers,
       worker_class     => 'sync',
       timeout          => $backend_http_timeout,
       graceful_timeout => $backend_reload_mercy,
       keepalive        => $backend_http_keepalive,
     }
   }
 
   $icinga_checks_file = '/etc/icinga2/conf.d/exported-checks.conf'
 
   @@::icinga2::object::service {"swh-deposit api (localhost on ${::fqdn})":
     service_name     => 'swh-deposit api (localhost)',
     import           => ['generic-service'],
     host_name        => $::fqdn,
     check_command    => 'http',
     command_endpoint => $::fqdn,
     vars             => {
       http_address => '127.0.0.1',
       http_port    => $backend_listen_port,
       http_uri     => '/',
       http_string  => 'SWH Deposit Server',
     },
     target           => $icinga_checks_file,
     tag              => 'icinga2::exported',
   }
 
   if $backend_listen_host != '127.0.0.1' {
     @@::icinga2::object::service {"swh-deposit api (remote on ${::fqdn})":
       service_name  => 'swh-deposit api (remote)',
       import        => ['generic-service'],
       host_name     => $::fqdn,
       check_command => 'http',
       vars          => {
         http_port   => $backend_listen_port,
         http_uri    => '/',
         http_string => 'SWH Deposit Server',
       },
       target        => $icinga_checks_file,
       tag           => 'icinga2::exported',
     }
   }
 }
diff --git a/templates/swh/deploy/deposit/settings.py.erb b/templates/swh/deploy/deposit/settings.py.erb
index 8e5ae2a..37e69e3 100644
--- a/templates/swh/deploy/deposit/settings.py.erb
+++ b/templates/swh/deploy/deposit/settings.py.erb
@@ -1,108 +1,108 @@
 import os
 
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = '<%= @runtime_secret_key %>'
 
 # SECURITY WARNING: don't run with debug turned on in production!
 # WIP so on
 DEBUG = True
 
 ALLOWED_HOSTS = []
 
 
 # Application definition
 
 INSTALLED_APPS = [
     'swh.deposit.apps.DepositConfig',
     'django.contrib.auth',
     'django.contrib.contenttypes',
     'django.contrib.staticfiles',
     'django.contrib.postgres',     # for JSONField
 ]
 
 MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
 ROOT_URLCONF = 'swh.deposit.urls'
 
 TEMPLATES = [
     {
         'BACKEND': 'django.template.backends.django.DjangoTemplates',
         'DIRS': [],
         'APP_DIRS': True,
         'OPTIONS': {
             'context_processors': [
                 'django.template.context_processors.debug',
                 'django.template.context_processors.request',
                 'django.contrib.auth.context_processors.auth',
                 'django.contrib.messages.context_processors.messages',
             ],
         },
     },
 ]
 
 WSGI_APPLICATION = 'swh.deposit.wsgi.application'
 
 
 # Database
 # https://docs.djangoproject.com/en/1.10/ref/settings/#databases
 
 DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.postgresql',
-        'NAME': '<%= db_name %>',
-        'USER': '<%= db_user %>',
-        'PASSWORD': '<%= db_password %>',
-        'HOST': '<%= db_host %>',
-        'PORT': '<%= db_port %>',
+        'NAME': '<%= @db_name %>',
+        'USER': '<%= @db_user %>',
+        'PASSWORD': '<%= @db_password %>',
+        'HOST': '<%= @db_host %>',
+        'PORT': '<%= @db_port %>',
     }
 }
 
 
 # Password validation
 # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
 
 AUTH_PASSWORD_VALIDATORS = [
     {
         'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
     },
     {
         'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
     },
     {
         'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
     },
     {
         'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
     },
 ]
 
 
 # Internationalization
 # https://docs.djangoproject.com/en/1.10/topics/i18n/
 
 LANGUAGE_CODE = 'en-us'
 
 TIME_ZONE = 'UTC'
 
 USE_I18N = True
 
 USE_L10N = True
 
 USE_TZ = True
 
 
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/1.10/howto/static-files/
 
 STATIC_URL = '/static/'