diff --git a/roles/unhb_backup_location/ssh_pub_keys/id_ed25519_unhb2.pub b/roles/unhb_backup_location/ssh_pub_keys/id_ed25519_unhb2.pub
new file mode 100644
index 0000000..cda1773
--- /dev/null
+++ b/roles/unhb_backup_location/ssh_pub_keys/id_ed25519_unhb2.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG+PKk36CATvlCTByaTUjVUrYtZsTLZhqAUx/n2X/GnF root@neuromancer.unhb.de
diff --git a/roles/unhb_backup_location/ssh_pub_keys/id_ed25519_unhb4.pub b/roles/unhb_backup_location/ssh_pub_keys/id_ed25519_unhb4.pub
new file mode 100644
index 0000000..81f7bdf
--- /dev/null
+++ b/roles/unhb_backup_location/ssh_pub_keys/id_ed25519_unhb4.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOKJc4RQfDo6jzYZY2w9UUjsCFqPYHSRr7ClSRDVaijv root@server4
diff --git a/roles/unhb_backup_location/tasks/main.yml b/roles/unhb_backup_location/tasks/main.yml
new file mode 100644
index 0000000..6a38f14
--- /dev/null
+++ b/roles/unhb_backup_location/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+
+- name: "Ensure the groups for the backups users exists"
+  ansible.builtin.group:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - restic_unhb2
+    - restic_unhb4
+
+- name: "Ensure the backup users for restic exist"
+  ansible.builtin.user:
+    name: "{{ item }}"
+    groups: "{{ item }}"
+    append: yes
+  with_items:
+    - restic_unhb2
+    - restic_unhb4
+
+- name: "Set authorized keys for restic_unhb2"
+  ansible.posix.authorized_key:
+    user: "restic_unhb2"
+    state: present
+    key: "{{ lookup('file', '{{ keys_item }}') }}"  
+  with_fileglob:
+    - ../ssh_pub_keys/*.pub
+  loop_control:
+    loop_var: keys_item
+
+- name: "Set authorized keys for restic_unhb4"
+  ansible.posix.authorized_key:
+    user: "restic_unhb4"
+    state: present
+    key: "{{ lookup('file', '{{ keys_item }}') }}"  
+  with_fileglob:
+    - ../ssh_pub_keys/*.pub
+  loop_control:
+    loop_var: keys_item
diff --git a/roles/unhb_backup_location/templates/restic_db_passwords.env.j2 b/roles/unhb_backup_location/templates/restic_db_passwords.env.j2
new file mode 100644
index 0000000..ef2dfdb
--- /dev/null
+++ b/roles/unhb_backup_location/templates/restic_db_passwords.env.j2
@@ -0,0 +1,6 @@
+MARIADB_ROOT_PASSWORD_NEXTCLOUD={{ unhb4_mariadb_containers['nextcloud'].password }}
+MARIADB_ROOT_PASSWORD_ETHERPAD={{ unhb4_mariadb_containers['etherpad'].password }}
+MARIADB_ROOT_PASSWORD_JVEREIN={{ unhb4_mariadb_containers['jverein'].password }}
+MARIADB_ROOT_PASSWORD_URLSHORTENER={{ unhb4_mariadb_containers['urlshortener'].password }}
+MARIADB_ROOT_PASSWORD_WIKI={{ unhb4_mariadb_containers['wiki'].password }}
+MARIADB_ROOT_PASSWORD_WORDPRESS={{ unhb4_mariadb_containers['wordpress'].password }}
diff --git a/roles/unhb_backup_scripts/tasks/main.yml b/roles/unhb_backup_scripts/tasks/main.yml
new file mode 100644
index 0000000..9fb8378
--- /dev/null
+++ b/roles/unhb_backup_scripts/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+
+- name: "Template restic_db_passwords.env"
+  ansible.builtin.template:
+    src: "restic_db_passwords.env_{{ inventory_hostname }}.j2"
+    dest: /opt/scripts/restic/restic_db_passwords.env
+    owner: root
+    group: root
+    mode:  '0440'
+    force: true
diff --git a/roles/unhb_backup_scripts/templates/restic_db_passwords.env_unhb2.j2 b/roles/unhb_backup_scripts/templates/restic_db_passwords.env_unhb2.j2
new file mode 100644
index 0000000..e9bf0a3
--- /dev/null
+++ b/roles/unhb_backup_scripts/templates/restic_db_passwords.env_unhb2.j2
@@ -0,0 +1,3 @@
+MARIADB_PASSWORD_PARTKEEPR={{ unhb2_mariadb_containers['partkeepr'].password }}
+MARIADB_PASSWORD_ENGELSYSTEM={{ unhb2_mariadb_containers['engelsystem'].password }}
+
diff --git a/roles/unhb_backup_scripts/templates/restic_db_passwords.env_unhb4.j2 b/roles/unhb_backup_scripts/templates/restic_db_passwords.env_unhb4.j2
new file mode 100644
index 0000000..331d1b2
--- /dev/null
+++ b/roles/unhb_backup_scripts/templates/restic_db_passwords.env_unhb4.j2
@@ -0,0 +1,6 @@
+MARIADB_PASSWORD_NEXTCLOUD={{ unhb4_mariadb_containers['nextcloud'].password }}
+MARIADB_PASSWORD_ETHERPAD={{ unhb4_mariadb_containers['etherpad'].password }}
+MARIADB_PASSWORD_JVEREIN={{ unhb4_mariadb_containers['jverein'].password }}
+MARIADB_PASSWORD_URLSHORTENER={{ unhb4_mariadb_containers['urlshortener'].password }}
+MARIADB_PASSWORD_WIKI={{ unhb4_mariadb_containers['wiki'].password }}
+MARIADB_PASSWORD_WORDPRESS={{ unhb4_mariadb_containers['wordpress'].password }}
diff --git a/site.yml b/site.yml
index 4b180f4..18d3ec6 100644
--- a/site.yml
+++ b/site.yml
@@ -10,6 +10,8 @@
     - apt_listchanges
     - basic_common_settings
     - firewalld
+    - unhb_backup_location
+    - unhb_backup_scripts
     
 - name: Set up roles on unhb4
   hosts: unhb2