diff --git a/backups.nix b/backups.nix
new file mode 100644
index 0000000..bfd37aa
--- /dev/null
+++ b/backups.nix
@@ -0,0 +1,24 @@
+{ lib, ... }: {
+  system.activationScripts.makeBackupDir = lib.stringAfter [ "var" ] ''
+    mkdir -p /var/lib/backup
+  '';
+
+  services.forgejo.dump = {
+    enable = true;
+    file = "forgejo-dump";
+    backupDir = "/var/lib/backup";
+  };
+
+  services.restic.backups.s3 = {
+    passwordFile = "/var/secrets/restic-backup";
+    environmentFile = "/var/secrets/restic-s3";
+    initialize = true;
+    repository = "s3:https://object.ceph-waw3.hswaw.net/cebulacamp-backups";
+    paths = [
+      "/var/lib/backup"
+      "/var/lib/postgresql"
+      "/var/lib/redis-authentik"
+      "/var/lib/nextcloud"
+    ];
+  };
+}
diff --git a/configuration.nix b/configuration.nix
index 472bab2..a33d252 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -13,6 +13,7 @@
       ./nextcloud.nix
       ./authentik.nix
       ./forgejo.nix
+      ./backups.nix
     ];
 
   boot.loader.systemd-boot.enable = true;