diff --git a/roles/server/borg.nix b/roles/server/borg.nix
new file mode 100644
index 0000000..1c8817d
--- /dev/null
+++ b/roles/server/borg.nix
@@ -0,0 +1,18 @@
+{...}: {
+  services.borgbackup = {
+    repos = {
+      backups = {
+        allowSubRepos = true;
+        authorizedKeys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEMtbHUcYanH/guWaKNjGr/IGa8gvI/xRTcNAI9yXhnK BorgBackup backups key"
+        ];
+      };
+    };
+  };
+  services.openssh.settings = {
+    AllowUsers = [
+      "borg@*.tailscale"
+      "borg@192.168.1.0/24"
+    ];
+  };
+}
diff --git a/roles/server/default.nix b/roles/server/default.nix
index 6ffed7e..8bdf5dc 100755
--- a/roles/server/default.nix
+++ b/roles/server/default.nix
@@ -14,6 +14,7 @@
     ./headscale.nix
     ./caddy.nix
     ./rust_motd.nix
+    ./borg.nix
     ./adguard.nix
     ./grafana.nix
     ./prometheus.nix