diff --git a/ops/borg-ui/scripts/pre-backup-dumps.sh b/ops/borg-ui/scripts/pre-backup-dumps.sh
index 3f0b27d..15acef5 100644
--- a/ops/borg-ui/scripts/pre-backup-dumps.sh
+++ b/ops/borg-ui/scripts/pre-backup-dumps.sh
@@ -8,6 +8,8 @@ set -eu
 DUMP_ROOT="${DUMP_ROOT:-/mnt/user/appdata/borg-ui/dumps}"
 LATEST_DIR="$DUMP_ROOT/latest"
 TMP_DIR="$DUMP_ROOT/.tmp"
+SHARED_PG_ADMIN_USER="${SHARED_PG_ADMIN_USER:-mailarchiver}"
+SHARED_PG_PASSWORD_FILE="${SHARED_PG_PASSWORD_FILE:-/mnt/user/appdata/secrets/postgres_password.txt}"
 
 log() {
   printf '%s %s\n' "[borg-dumps]" "$*"
@@ -133,12 +135,15 @@ main() {
 
   # Shared PostgreSQL 17
   if need_container "postgresql17"; then
-    shared_pg_password="$(cat /mnt/user/appdata/secrets/postgres_password.txt)"
-    dump_pg_globals "postgresql17" "$shared_pg_password" "mailarchiver" "$LATEST_DIR/postgresql17-globals.sql"
-    dump_pg_db "postgresql17" "$shared_pg_password" "mailarchiver" "mailarchiver" "$LATEST_DIR/postgresql17-mailarchiver.dump"
-    dump_pg_db "postgresql17" "$shared_pg_password" "mailarchiver" "paperless" "$LATEST_DIR/postgresql17-paperless.dump"
-    dump_optional_pg_db "postgresql17" "$shared_pg_password" "mailarchiver" "semaphore" "$LATEST_DIR/postgresql17-semaphore.dump"
-    dump_optional_pg_db "postgresql17" "$shared_pg_password" "mailarchiver" "authelia" "$LATEST_DIR/postgresql17-authelia.dump"
+    # Use the cluster admin/superuser for all shared-cluster dumps. The
+    # application roles exist, but they can have different passwords from the
+    # bootstrap postgres secret used by the shared container.
+    shared_pg_password="$(cat "$SHARED_PG_PASSWORD_FILE")"
+    dump_pg_globals "postgresql17" "$shared_pg_password" "$SHARED_PG_ADMIN_USER" "$LATEST_DIR/postgresql17-globals.sql"
+    dump_pg_db "postgresql17" "$shared_pg_password" "$SHARED_PG_ADMIN_USER" "mailarchiver" "$LATEST_DIR/postgresql17-mailarchiver.dump"
+    dump_pg_db "postgresql17" "$shared_pg_password" "$SHARED_PG_ADMIN_USER" "paperless" "$LATEST_DIR/postgresql17-paperless.dump"
+    dump_optional_pg_db "postgresql17" "$shared_pg_password" "$SHARED_PG_ADMIN_USER" "semaphore" "$LATEST_DIR/postgresql17-semaphore.dump"
+    dump_optional_pg_db "postgresql17" "$shared_pg_password" "$SHARED_PG_ADMIN_USER" "authelia" "$LATEST_DIR/postgresql17-authelia.dump"
   else
     warn "Skipping shared PostgreSQL dumps because container 'postgresql17' is missing"
   fi