diff --git a/.env.sample b/.env.sample
index f89c403..bd2b1b5 100644
--- a/.env.sample
+++ b/.env.sample
@@ -161,6 +161,7 @@ RETENTION_MAX_LIFETIME=4w
 #SECRET_SIGNAL_AS_TOKEN_VERSION=v1
 #SECRET_SIGNAL_DB_PASSWORD_VERSION=v1
 #SECRET_SIGNAL_HS_TOKEN_VERSION=v1
+#SECRET_SIGNAL_PICKLE_KEY_VERSION=v1
 ## Shared auth
diff --git a/abra.sh b/abra.sh
index 3f95df9..f858435 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,5 +1,5 @@
 export DISCORD_BRIDGE_YAML_VERSION=v2
-export ENTRYPOINT_CONF_VERSION=v2
+export ENTRYPOINT_CONF_VERSION=v3
 export HOMESERVER_YAML_VERSION=v29
 export LOG_CONFIG_VERSION=v2
 export SHARED_SECRET_AUTH_VERSION=v1
diff --git a/compose.signal.yml b/compose.signal.yml
index d583604..235e235 100644
--- a/compose.signal.yml
+++ b/compose.signal.yml
@@ -27,11 +27,15 @@ services:
 - signal_db_password
 - signal_hs_token
 - shared_secret_auth
+ - signal_pickle_key
 volumes:
 - signal-data:/data
 networks:
 - internal
- # entrypoint: ["/bin/sh", "-c", "sleep 1000000"]
+ deploy:
+ labels:
+ backupbot.backup: "true"
+ backupbot.backup.path: "/data"
 signaldb:
 image: postgres:13-alpine
@@ -50,6 +54,12 @@ services:
 test: ["CMD", "pg_isready", "-U", "$POSTGRES_USER" ]
 volumes:
 - signal-postgres:/var/lib/postgresql/data
+ deploy:
+ labels:
+ backupbot.backup: "true"
+ backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql"
+ backupbot.backup.post-hook: "rm -r /var/lib/postgresql/data/backup.sql"
+ backupbot.backup.path: "/var/lib/postgresql/data"
 configs:
 signal_bridge_yaml:
@@ -71,3 +81,6 @@ secrets:
 signal_hs_token:
 external: true
 name: ${STACK_NAME}_signal_hs_token_${SECRET_SIGNAL_HS_TOKEN_VERSION}
+ signal_pickle_key:
+ external: true
+ name: ${STACK_NAME}_signal_pickle_key_${SECRET_SIGNAL_PICKLE_KEY_VERSION}
diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl
index b9f95bc..60f45e9 100644
--- a/entrypoint.sh.tmpl
+++ b/entrypoint.sh.tmpl
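Review bot: The `signaldb` pre-hook in compose.signal.yml leaves a plaintext dump inside the live data directory: `pg_dump` is redirected to `/var/lib/postgresql/data/backup.sql`, and `backupbot.backup.path` then captures that whole directory, so the backup holds the dump plus raw cluster files copied while Postgres is running, and the dump stays in the volume whenever the post-hook does not run. The redirect also creates `backup.sql` when `pg_dump` fails, so an empty or partial dump can be backed up unnoticed unless backupbot aborts on a non-zero hook exit, which is not visible here. I would create the file under `umask 077` in the pre-hook and make the cleanup tolerant and file-only: `backupbot.backup.post-hook: "rm -f /var/lib/postgresql/data/backup.sql"`.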
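Review bot: In the `secrets:` hunk of compose.signal.yml, `signal_pickle_key` is an external swarm secret, so it is not part of the `/data` and `signaldb` backups this commit enables, and nothing in the diff documents that dependency. The comment in signal_bridge.yaml.tmpl says the key encrypts the encryption keys held in the bridge database, so a restore onto a host where the secret was regenerated would presumably leave those stored keys undecryptable. I would add a line next to `#SECRET_SIGNAL_PICKLE_KEY_VERSION=v1` in .env.sample such as `# keep a copy of signal_pickle_key outside the backup; a restored bridge database needs the same key`.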
@@ -9,4 +9,8 @@ if [[ ! -f /data/{{ env "DOMAIN" }}.signing.key ]]; then
 chown -R 991:991 /data/*.config /data/*.key
 fi
+if [[ -d /signal-data ]]; then
+ chown -R 991:991 /signal-data
+fi
+
 /start.py
diff --git a/signal_bridge.yaml.tmpl b/signal_bridge.yaml.tmpl
index 9ac5759..14ff0a4 100644
--- a/signal_bridge.yaml.tmpl
+++ b/signal_bridge.yaml.tmpl
@@ -340,7 +340,7 @@ encryption:
 allow_key_sharing: false
 # Pickle key for encrypting encryption keys in the bridge database.
 # If set to generate, a random key will be generated.
- pickle_key: generate
+ pickle_key: {{ secret "signal_pickle_key" }}
 # Options for deleting megolm sessions from the bridge.
 delete_keys:
 # Beeper-specific: delete outbound sessions when hungryserv confirms
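Review bot: The added `chown -R 991:991 /signal-data` in entrypoint.sh.tmpl runs on every start and hands the whole directory to uid/gid 991, whereas the existing chown above it is limited to `/data/*.config /data/*.key` and sits inside the missing-signing-key check. If `/signal-data` is the bridge's data volume shared into this container (the mount is not in the diff), the homeserver user gains write access to everything the bridge stores there, and the bridge may lose access to files it created under its own uid. Narrowing the command to the file or files the homeserver actually has to read would keep the sharing to what is needed. If that is the purpose, a comment such as `# homeserver (uid 991) only needs to read the bridge registration from /signal-data` would record it. The first `if` block starts outside the hunk.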
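Review bot: `pickle_key: {{ secret "signal_pickle_key" }}` in signal_bridge.yaml.tmpl renders the secret as a plain YAML scalar, so a value that starts with an indicator character, contains ` #` or `: `, or looks like a number or boolean would be truncated, retyped or rejected by the parser. Quoting it as `pickle_key: '{{ secret "signal_pickle_key" }}'` avoids that as long as the secret contains no single quote. Two deployment points are not visible in the diff and are worth confirming: the abra.sh hunk bumps `ENTRYPOINT_CONF_VERSION` but shows no bump for this template's own version variable, and an install that previously ran with `generate` will switch to a different pickle key, which may leave the encryption keys already stored in the bridge database unreadable. The `encryption:` mapping starts and continues outside the hunk.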