diff --git a/group_vars/postgresql.yml b/group_vars/postgresql.yml
index 8ceab3a..de325e3 100644
--- a/group_vars/postgresql.yml
+++ b/group_vars/postgresql.yml
@@ -56,7 +56,7 @@ wal_g_aws_secret_access_key: !vault |
 wal_g_pg_config:
   AWS_ACCESS_KEY_ID: '{{ wal_g_aws_access_key_id }}'
   AWS_SECRET_ACCESS_KEY: '{{ wal_g_aws_secret_access_key }}'
-  WALG_S3_PREFIX: s3://pgbackup/pyrocufflink/main/15
+  WALG_S3_PREFIX: s3://pgbackup/pyrocufflink/main/@PGVERSION@
   AWS_ENDPOINT: https://s3.backups.pyrocufflink.blue
   PGHOST: /run/postgresql
   WALG_STATSD_ADDRESS: localhost:9125
diff --git a/roles/wal-g-pg/files/post-upgrade.sh b/roles/wal-g-pg/files/post-upgrade.sh
new file mode 100644
index 0000000..1640e32
--- /dev/null
+++ b/roles/wal-g-pg/files/post-upgrade.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+wal-g-config /etc/postgresql/wal-g.yml.in /etc/postgresql/wal-g.yml
diff --git a/roles/wal-g-pg/files/wal-g-config.sh b/roles/wal-g-pg/files/wal-g-config.sh
new file mode 100644
index 0000000..7b8e2f6
--- /dev/null
+++ b/roles/wal-g-pg/files/wal-g-config.sh
@@ -0,0 +1,46 @@
+#!/bin/sh
+# vim: set sw=4 ts=4 sts=4 et :
+
+usage() {
+    printf 'usage: %s SRC DEST\n' "${0##*/}"
+}
+
+while [ $# -gt 0 ]; do
+    case "$1" in
+    -*)
+        usage >&2
+        exit 2
+        ;;
+    *)
+        if [ -z "${src-}" ]; then
+            src=$1
+        elif [ -z "${dest-}" ]; then
+            dest=$1
+        else
+            usage >&2
+            exit 2
+        fi
+        ;;
+    esac
+    shift
+done
+
+if [ -z "${src-}" ] || [ -z "${dest-}" ]; then
+    usage >&2
+    exit 2
+fi
+
+set --
+
+if pgversion=$(rpm -q --qf '%{V}' postgresql-server | cut -d. -f1); then
+    set -- "$@" -e 's/@PGVERSION@/'"${pgversion}"/
+fi
+
+if [ $# -eq 0 ]; then
+    echo 'Nothing to do' >&2
+    exit 1
+fi
+
+set -x
+
+sed -r "$@" "${src}" > "${dest}"
diff --git a/roles/wal-g-pg/handlers/main.yml b/roles/wal-g-pg/handlers/main.yml
index 7e48233..200597f 100644
--- a/roles/wal-g-pg/handlers/main.yml
+++ b/roles/wal-g-pg/handlers/main.yml
@@ -2,6 +2,10 @@
   command:
     semodule -i /usr/local/share/selinux/wal-g-postgresql.cil
 
+- name: regenerate wal-g config
+  command:
+    /etc/postgresql/post-upgrade.d/wal-g-config.sh
+
 - name:  restart wal-g backup timer
   systemd:
     name: wal-g-backup.timer
diff --git a/roles/wal-g-pg/meta/main.yml b/roles/wal-g-pg/meta/main.yml
index 948dd1c..e930148 100644
--- a/roles/wal-g-pg/meta/main.yml
+++ b/roles/wal-g-pg/meta/main.yml
@@ -1,3 +1,4 @@
 dependencies:
 - dch-yum
 - systemd-base
+- postgresql-server-base
diff --git a/roles/wal-g-pg/tasks/main.yml b/roles/wal-g-pg/tasks/main.yml
index 91381c7..1e1a829 100644
--- a/roles/wal-g-pg/tasks/main.yml
+++ b/roles/wal-g-pg/tasks/main.yml
@@ -5,15 +5,39 @@
   tags:
   - install
 
-- name: ensure wal-g is configured
+- name: ensure wal-g config generator is installed
+  copy:
+    src: wal-g-config.sh
+    dest: /usr/local/bin/wal-g-config
+    owner: root
+    group: root
+    mode: u=rwx,go=rx
+  tags:
+  - wal-g-config
+
+- name: ensure wal-g-config post-upgrade script is installed
+  copy:
+    src: post-upgrade.sh
+    dest: /etc/postgresql/post-upgrade.d/wal-g-config.sh
+    owner: root
+    group: root
+    mode: u=rwx,go=rx
+  tags:
+  - wal-g-config
+  - post-upgrade
+
+- name: ensure wal-g configuration template is set
   copy:
     content: |+
       {{ wal_g_pg_config | to_nice_yaml(indent=2) }}
-    dest: /etc/postgresql/wal-g.yml
+    dest: /etc/postgresql/wal-g.yml.in
     owner: root
     group: postgres
     mode: u=rw,g=r,o=
+  notify:
+  - regenerate wal-g config
   tags:
+  - wal-g-config
   - config
 
 - name: ensure local selinux share directory exists