diff --git a/roles/backup/tasks/awx-cro.yml b/roles/backup/tasks/awx-cro.yml index 4db2f218..a143b75e 100644 --- a/roles/backup/tasks/awx-cro.yml +++ b/roles/backup/tasks/awx-cro.yml @@ -23,12 +23,12 @@ - name: Template AWX object definition template: src: awx_object.yml.j2 - dest: "_secrets/awx_object.yml" + dest: "{{ secrets_dir.path }}/awx_object.yml" mode: '0600' - name: Set AWX object template file as var set_fact: - awx_object_template: "{{ lookup('file', '_secrets/awx_object.yml') }}" + awx_object_template: "{{ lookup('file', '{{ secrets_dir.path }}/awx_object.yml') }}" - name: Write awx object to pvc k8s_exec: diff --git a/roles/backup/tasks/cleanup.yml b/roles/backup/tasks/cleanup.yml index aa9c6b11..7e7e451b 100644 --- a/roles/backup/tasks/cleanup.yml +++ b/roles/backup/tasks/cleanup.yml @@ -1,11 +1,5 @@ --- -# After copying secret files to the PVC, delete the local tmp copies -- name: Clean up _secrets directory - file: - path: "_secrets" - state: absent - - name: Delete any existing management pod k8s: name: "{{ meta.name }}-db-management" diff --git a/roles/backup/tasks/postgres.yml b/roles/backup/tasks/postgres.yml index fa065780..25b5434f 100644 --- a/roles/backup/tasks/postgres.yml +++ b/roles/backup/tasks/postgres.yml @@ -32,7 +32,7 @@ kind: Pod namespace: '{{ meta.namespace }}' label_selectors: - - "app={{ tower_name }}-{{ deployment_type }}-postgres" + - "app.kubernetes.io/name={{ tower_name }}-postgres" register: postgres_pod until: "postgres_pod['resources'][0]['status']['phase'] == 'Running'" delay: 5 diff --git a/roles/backup/tasks/secrets.yml b/roles/backup/tasks/secrets.yml index bab87c52..047ab863 100644 --- a/roles/backup/tasks/secrets.yml +++ b/roles/backup/tasks/secrets.yml @@ -1,10 +1,10 @@ --- -- name: Make _secrets directory - file: - path: "_secrets" +- name: Make temp secrets directory + tempfile: + prefix: "secrets-" state: directory - mode: '0700' + register: secrets_dir - name: Get secret_key k8s_info: 
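Review bot: In roles/backup/tasks/awx-cro.yml the new `lookup('file', '{{ secrets_dir.path }}/awx_object.yml')` nests a `{{ }}` expression inside a string literal that already sits within a Jinja expression. It only resolves if the lookup terms happen to be templated a second time, and Ansible's own guidance is that moustaches do not nest. Reference the variable directly instead: `awx_object_template: "{{ lookup('file', secrets_dir.path + '/awx_object.yml') }}"`. The same pattern is introduced in every `set_fact` of roles/backup/tasks/secrets.yml (hunks at -20, -48, -76 and -109).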
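Review bot: The directory registered as `secrets_dir` in roles/backup/tasks/secrets.yml is never removed in this diff, because the `state: absent` task is deleted from roles/backup/tasks/cleanup.yml and nothing replaces it. The rendered secret_key, admin_password, broadcast_websocket and postgres secret files would therefore stay on disk after the run, by default under the system temp directory. Unless removal happens in a file not shown here, add a `file` task with `path: "{{ secrets_dir.path }}"` and `state: absent`, guarded by `when: secrets_dir.path is defined`. Run it from an `always:` section so a failed backup does not leave credentials behind. The same applies to `definitions_dir` created in roles/restore/tasks/init.yml, whose cleanup task is also deleted.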
@@ -20,12 +20,12 @@ - name: Template secret_key definition template: src: secret_key_secret.yml.j2 - dest: "_secrets/secret_key_secret.yml" + dest: "{{ secrets_dir.path }}/secret_key_secret.yml" mode: '0700' - name: Set secret key template set_fact: - secret_key_template: "{{ lookup('file', '_secrets/secret_key_secret.yml') }}" + secret_key_template: "{{ lookup('file', '{{ secrets_dir.path }}/secret_key_secret.yml') }}" - name: Write secret_key to pvc k8s_exec: @@ -48,12 +48,12 @@ - name: Template admin_password definition template: src: admin_password_secret.yml.j2 - dest: "_secrets/admin_password_secret.yml" + dest: "{{ secrets_dir.path }}/admin_password_secret.yml" mode: '0700' - name: Set admin_password template set_fact: - admin_password_template: "{{ lookup('file', '_secrets/admin_password_secret.yml') }}" + admin_password_template: "{{ lookup('file', '{{ secrets_dir.path }}/admin_password_secret.yml') }}" - name: Write secret_key to pvc k8s_exec: @@ -76,12 +76,12 @@ - name: Template broadcast_websocket definition template: src: broadcast_websocket_secret.yml.j2 - dest: "_secrets/broadcast_websocket_secret.yml" + dest: "{{ secrets_dir.path }}/broadcast_websocket_secret.yml" mode: '0700' - name: Set broadcast_websocket template set_fact: - broadcast_websocket_template: "{{ lookup('file', '_secrets/broadcast_websocket_secret.yml') }}" + broadcast_websocket_template: "{{ lookup('file', '{{ secrets_dir.path }}/broadcast_websocket_secret.yml') }}" - name: Write broadcast_websocket definition to pvc k8s_exec: 
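Review bot: The `set_fact` tasks in roles/backup/tasks/secrets.yml that read the rendered files back carry no `no_log: true`, so the secret contents become part of the task result. This covers `secret_key_template` in this hunk and `admin_password_template`, `broadcast_websocket_template` and `postgres_secret_template` in the hunks at -48, -76 and -109. With raised verbosity or a callback that records results, those values would appear in the run output, so add `no_log: true` to each of these tasks. The neighbouring `k8s_info` and `k8s_exec` tasks are only partly visible, so whether they are already protected cannot be checked from the hunk.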
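Review bot: The templated secret files in roles/backup/tasks/secrets.yml are written with `mode: '0700'`, which sets the execute bit on plain YAML files holding credentials. roles/backup/tasks/awx-cro.yml uses `mode: '0600'` for the same kind of file. Since these tasks are being edited anyway, use `mode: '0600'` for `admin_password_secret.yml` in the -48 hunk and for the other three secret files (hunks at -20, -76 and -109). The task that follows the admin_password steps is still named `Write secret_key to pvc`, which looks like a copy-paste leftover; its body is outside the hunk.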
@@ -109,12 +109,12 @@ - name: Template postgres configuration definition template: src: postgres_secret.yml.j2 - dest: "_secrets/postgres_secret.yml" + dest: "{{ secrets_dir.path }}/postgres_secret.yml" mode: '0700' - name: Set postgres configuration set_fact: - postgres_secret_template: "{{ lookup('file', '_secrets/postgres_secret.yml') }}" + postgres_secret_template: "{{ lookup('file', '{{ secrets_dir.path }}/postgres_secret.yml') }}" - name: Write postgres configuration to pvc k8s_exec: diff --git a/roles/restore/tasks/apply_secret.yml b/roles/restore/tasks/apply_secret.yml index 095ac470..a71004cc 100644 --- a/roles/restore/tasks/apply_secret.yml +++ b/roles/restore/tasks/apply_secret.yml @@ -10,7 +10,7 @@ - name: Write temp secret definition template file copy: - dest: "_definitions/{{ item }}.yml.j2" + dest: "{{ definitions_dir.path }}/{{ item }}.yml.j2" content: | {{ awx_object.stdout }} mode: '0600' @@ -21,4 +21,4 @@ namespace: "{{ namespace | default('default') }}" apply: yes wait: yes - template: "_definitions/{{ item }}.yml.j2" + template: "{{ definitions_dir.path }}/{{ item }}.yml.j2" diff --git a/roles/restore/tasks/cleanup.yml b/roles/restore/tasks/cleanup.yml index 6706916c..7e7e451b 100644 --- a/roles/restore/tasks/cleanup.yml +++ b/roles/restore/tasks/cleanup.yml @@ -1,10 +1,5 @@ --- -- name: Clean up _secrets directory - file: - path: "_definitions" - state: absent - - name: Delete any existing management pod k8s: name: "{{ meta.name }}-db-management" diff --git a/roles/restore/tasks/init.yml b/roles/restore/tasks/init.yml index 3a2280c8..5bde9fae 100644 --- a/roles/restore/tasks/init.yml +++ b/roles/restore/tasks/init.yml @@ -75,8 +75,8 @@ - tower_backup_dir != '' - stat_backup_dir.return_code != 0 -- name: Make _definitions directory - file: - path: "_definitions" +- name: Make temp definitions directory + tempfile: + prefix: "definitions-" state: directory - mode: '0700' + register: definitions_dir 
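Review bot: In roles/restore/tasks/apply_secret.yml (hunk at -21) the `k8s` task still targets `namespace: "{{ namespace | default('default') }}"`, while this commit switches the matching task in roles/restore/tasks/init_awx.yml to `meta.namespace`. If `namespace` is not defined for the role, the restored secrets would be applied to `default` rather than alongside the AWX object. Use `namespace: "{{ meta.namespace | default('default') }}"` here as well, or drop the fallback so that an unset namespace fails loudly instead of silently placing credentials elsewhere. The start of this task lies outside the hunk.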
diff --git a/roles/restore/tasks/init_awx.yml b/roles/restore/tasks/init_awx.yml index f3a215c1..0ae71ad0 100644 --- a/roles/restore/tasks/init_awx.yml +++ b/roles/restore/tasks/init_awx.yml @@ -10,7 +10,7 @@ - name: Write temp AWX definition template file copy: - dest: "_definitions/awx_object.yml.j2" + dest: "{{ definitions_dir.path }}/awx_object.yml.j2" content: | {{ awx_object.stdout }} mode: '0600' @@ -18,10 +18,10 @@ - name: Deploy AWX k8s: state: "{{ state | default('present') }}" - namespace: "{{ namespace | default('default') }}" + namespace: "{{ meta.namespace | default('default') }}" apply: yes wait: yes - template: "_definitions/awx_object.yml.j2" + template: "{{ definitions_dir.path }}/awx_object.yml.j2" # TODO: The awx object and secrets need to be applied from the awx-operator, because that is where the service account is? diff --git a/roles/restore/tasks/postgres.yml b/roles/restore/tasks/postgres.yml index d1e4b980..75cdc62d 100644 --- a/roles/restore/tasks/postgres.yml +++ b/roles/restore/tasks/postgres.yml @@ -32,7 +32,7 @@ kind: Pod namespace: '{{ meta.namespace }}' label_selectors: - - "app={{ tower_name }}-{{ deployment_type }}-postgres" + - "app.kubernetes.io/name={{ tower_name }}-postgres" register: postgres_pod until: "postgres_pod['resources'][0]['status']['phase'] == 'Running'" delay: 5 
@@ -59,17 +59,23 @@ replicas: 0 when: this_deployment['resources'] | length +- name: Get the postgres pod information + set_fact: + resolvable_db_host: "{{ awx_postgres_host }}.{{ meta.namespace }}.svc.cluster.local" + - name: Set pg_restore command set_fact: psql_restore: >- psql -U {{ awx_postgres_user }} - -d template1 + -h {{ resolvable_db_host }} + -U {{ awx_postgres_user }} + -d {{ awx_postgres_database }} -p {{ awx_postgres_port }} - name: Restore database dump to the new postgresql container k8s_exec: - namespace: "{{ meta.namespace }}" - pod: "{{ postgres_pod_name }}" + namespace: "{{ tower_backup_pvc_namespace }}" + pod: "{{ meta.name }}-db-management" command: | bash -c """ set -e -o pipefail
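Review bot: `resolvable_db_host` in roles/restore/tasks/postgres.yml is always built as `{{ awx_postgres_host }}.{{ meta.namespace }}.svc.cluster.local`, which only holds for an in-cluster service in a cluster using the default `cluster.local` domain; a host value that is already fully qualified would be turned into a name that does not resolve. Consider appending the suffix only when the host contains no dot, and name the task for what it does, e.g. `Set resolvable database host`. The added `-U {{ awx_postgres_user }}` repeats the option already on the `psql` line and can be dropped. The values are interpolated unquoted into a string that is presumably run by the `bash -c` block below, whose body continues outside the hunk; passing them through the `quote` filter would keep an unexpected value in the restored postgres secret from being interpreted by the shell.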