diff --git a/infrastructure/caddy/config/bensuperpc.org/Caddyfile b/infrastructure/caddy/config/bensuperpc.org/Caddyfile
index a48ff04..451bb46 100644
--- a/infrastructure/caddy/config/bensuperpc.org/Caddyfile
+++ b/infrastructure/caddy/config/bensuperpc.org/Caddyfile
@@ -17,8 +17,6 @@ wordpress.bensuperpc.org {
 	file_server
 	encode zstd gzip
 
-	# metrics /metrics
-
 	@disallowed {
 		path /xmlrpc.php
 		path *.sql
diff --git a/infrastructure/caddy/docker-compose.caddy.yml b/infrastructure/caddy/docker-compose.caddy.yml
index 8538ec2..1165fcd 100644
--- a/infrastructure/caddy/docker-compose.caddy.yml
+++ b/infrastructure/caddy/docker-compose.caddy.yml
@@ -30,11 +30,31 @@ services:
       timeout: 10s
       retries: 3
 
+  caddy_backup:
+    image: mazzolino/restic:latest
+    container_name: caddy_backup
+    profiles:
+      - caddy
+    depends_on:
+      - caddy
+    restart: on-failure:5
+    env_file:
+      - ./caddy/env/caddy_backup.env
+    volumes:
+      - caddy_backup:/mnt/restic
+      - caddy_data:/data:ro
+    networks:
+      - infra-network
+    security_opt:
+      - no-new-privileges:true
+
 volumes:
   caddy_data:
     name: caddy_data
   caddy_config:
     name: caddy_config
+  caddy_backup:
+    name: caddy_backup
 
 networks:
   infra-network:
diff --git a/infrastructure/caddy/env/caddy_backup.env b/infrastructure/caddy/env/caddy_backup.env
new file mode 100644
index 0000000..a568c54
--- /dev/null
+++ b/infrastructure/caddy/env/caddy_backup.env
@@ -0,0 +1,9 @@
+#RUN_ON_STARTUP=true
+BACKUP_CRON=*/30 * * * *
+RESTIC_REPOSITORY=/mnt/restic
+RESTIC_BACKUP_SOURCES=/data
+RESTIC_PASSWORD=YFQh8v3Wi95v0p6h88D4u8C8z4gLfdMw
+RESTIC_BACKUP_ARGS=--tag docker-volumes --verbose
+#RESTIC_FORGET_ARGS=--prune --keep-last 8 --keep-daily 7 --keep-weekly 5 --keep-monthly 12 --keep-yearly 4
+#RESTIC_PRUNE_ARGS=
+RESTIC_CHECK_ARGS=--read-data-subset=20%
\ No newline at end of file