diff --git a/env.yml b/env.yml
index 3a49bb7..c43ae96 100644
--- a/env.yml
+++ b/env.yml
@@ -50,6 +50,7 @@ projects:
 
 
 projects_to_backup:
+  - synapse
   - vaultwarden
 
 
diff --git a/roles/synapse/tasks/backup.yml b/roles/synapse/tasks/backup.yml
new file mode 100644
index 0000000..f4d02fc
--- /dev/null
+++ b/roles/synapse/tasks/backup.yml
@@ -0,0 +1,32 @@
+- name: Backup PostgreSQL database
+  community.docker.docker_container_exec:
+    container: synapse-postgres
+    docker_host: "unix:///run/user/{{ host_uid }}/docker.sock"
+    command: |
+      pg_dump -c
+      -d synapse
+      -U synapse
+      -f /var/lib/postgresql/data/synapse-dump.sql
+
+- name: Create borg backup
+  command:
+    cmd: |
+      borg create
+      --compression=lzma
+      "{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
+      {{ volumes['synapse_datadir'] }}/media_store
+      {{ volumes['synapse_postgres_datadir'] }}/synapse-dump.sql
+  environment:
+    BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
+  become: true
+
+- name: Prune borg repository
+  command:
+    cmd: |
+      borg prune
+      --glob-archives='{{ role_name }}-*'
+      {{ borg_prune_options }}
+      {{ borg_repodir }}
+  environment:
+    BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
+  become: true
diff --git a/roles/synapse/tasks/main.yml b/roles/synapse/tasks/main.yml
index 321c5cb..ed95f38 100644
--- a/roles/synapse/tasks/main.yml
+++ b/roles/synapse/tasks/main.yml
@@ -1,53 +1,9 @@
-- name: "Create {{ synapse_project_dir }} project directory"
-  file:
-    path: "{{ synapse_project_dir }}"
-    state: directory
+- name: Include backup tasks
+  include_tasks:
+    file: backup.yml
+  when: run_backup | default(false) | bool
 
-- name: Template docker-compose.yaml to project directory
-  template:
-    src: docker-compose.yaml
-    dest: "{{ synapse_project_dir }}/docker-compose.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '640'
-
-- name: Template homeserver.yaml to project directory
-  template:
-    src: homeserver.yaml
-    dest: "{{ synapse_project_dir }}/homeserver.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    mode: '640'
-  # Store result to restart services if the file changed
-  register: synapse_template_homeserver_result
-
-# Separate task because template module cannot chown/chgrp to a non-existing user/group
-- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
-  file:
-    path: "{{ synapse_project_dir }}/homeserver.yaml"
-    group: "{{ users['synapse'] + uid_shift }}"
-  become: true
-
-- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
-  file:
-    path: "{{ volumes['synapse_datadir'] }}"
-    state: directory
-    owner: "{{ users['synapse'] + uid_shift }}"
-    group: "{{ users['synapse'] + uid_shift }}"
-    mode: '770'
-  become: true
-
-- name: "Create directory {{ volumes['synapse_postgres_datadir'] }} with correct permissions"
-  file:
-    path: "{{ volumes['synapse_postgres_datadir'] }}"
-    state: directory
-    owner: "{{ users['synapse_postgres'] + uid_shift }}"
-    group: "{{ users['synapse_postgres'] + uid_shift }}"
-    mode: '770'
-  become: true
-
-- name: Pull/Create/Restart project services
-  community.docker.docker_compose:
-    project_src: "{{ synapse_project_dir }}"
-    pull: "{{ docker_pull_images | bool }}"
-    # Restart if config file(s) changed
-    restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"
+- name: Include update tasks
+  include_tasks:
+    file: update.yml
+  when: run_update | default(false) | bool
diff --git a/roles/synapse/tasks/update.yml b/roles/synapse/tasks/update.yml
new file mode 100644
index 0000000..321c5cb
--- /dev/null
+++ b/roles/synapse/tasks/update.yml
@@ -0,0 +1,53 @@
+- name: "Create {{ synapse_project_dir }} project directory"
+  file:
+    path: "{{ synapse_project_dir }}"
+    state: directory
+
+- name: Template docker-compose.yaml to project directory
+  template:
+    src: docker-compose.yaml
+    dest: "{{ synapse_project_dir }}/docker-compose.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '640'
+
+- name: Template homeserver.yaml to project directory
+  template:
+    src: homeserver.yaml
+    dest: "{{ synapse_project_dir }}/homeserver.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    mode: '640'
+  # Store result to restart services if the file changed
+  register: synapse_template_homeserver_result
+
+# Separate task because template module cannot chown/chgrp to a non-existing user/group
+- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
+  file:
+    path: "{{ synapse_project_dir }}/homeserver.yaml"
+    group: "{{ users['synapse'] + uid_shift }}"
+  become: true
+
+- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
+  file:
+    path: "{{ volumes['synapse_datadir'] }}"
+    state: directory
+    owner: "{{ users['synapse'] + uid_shift }}"
+    group: "{{ users['synapse'] + uid_shift }}"
+    mode: '770'
+  become: true
+
+- name: "Create directory {{ volumes['synapse_postgres_datadir'] }} with correct permissions"
+  file:
+    path: "{{ volumes['synapse_postgres_datadir'] }}"
+    state: directory
+    owner: "{{ users['synapse_postgres'] + uid_shift }}"
+    group: "{{ users['synapse_postgres'] + uid_shift }}"
+    mode: '770'
+  become: true
+
+- name: Pull/Create/Restart project services
+  community.docker.docker_compose:
+    project_src: "{{ synapse_project_dir }}"
+    pull: "{{ docker_pull_images | bool }}"
+    # Restart if config file(s) changed
+    restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"
diff --git a/roles/synapse/templates/docker-compose.yaml b/roles/synapse/templates/docker-compose.yaml
index bf56f11..5a5b7d4 100644
--- a/roles/synapse/templates/docker-compose.yaml
+++ b/roles/synapse/templates/docker-compose.yaml
@@ -7,7 +7,7 @@ services:
     environment:
       LANG: C
       POSTGRES_INITDB_ARGS: "--locale=C --encoding=UTF8"
-      POSTGRES_USER: {{ synapse_secrets['postgres_user'] }}
+      POSTGRES_USER: synapse
       POSTGRES_PASSWORD: {{ synapse_secrets['postgres_password'] }}
     volumes:
       - {{ volumes['synapse_postgres_datadir'] }}:/var/lib/postgresql/data
diff --git a/roles/synapse/templates/homeserver.yaml b/roles/synapse/templates/homeserver.yaml
index 22f109c..a36f4c6 100644
--- a/roles/synapse/templates/homeserver.yaml
+++ b/roles/synapse/templates/homeserver.yaml
@@ -24,7 +24,7 @@ max_avatar_size: 2M
 database:
   name: psycopg2
   args:
-    user: {{ synapse_secrets['postgres_user'] }}
+    user: synapse
     password: {{ synapse_secrets['postgres_password'] }}
     dbname: synapse
     host: synapse-postgres
diff --git a/secrets.yml.example b/secrets.yml.example
index 31aec9a..ccd9b21 100644
--- a/secrets.yml.example
+++ b/secrets.yml.example
@@ -17,7 +17,6 @@ searxng_secrets:
   searxng_secret:
 
 synapse_secrets:
-  postgres_user:
   postgres_password:
   turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
   macaroon_secret_key: