diff --git a/hosts/alto/default.nix b/hosts/alto/default.nix
index 342eb76..1debd56 100644
--- a/hosts/alto/default.nix
+++ b/hosts/alto/default.nix
@@ -47,6 +47,7 @@ in
     syncthing = {
       enable = true;
       isServer = true;
+      backups.enable = true;
       deviceId = "5R2MH7T-Q2ZZS2P-ZMSQ2UJ-B6VBHES-XYLNMZ6-7FYC27L-4P7MGJ2-FY4ITQD";
     };
   };
diff --git a/modules/system/syncthing/backups.nix b/modules/system/syncthing/backups.nix
new file mode 100644
index 0000000..7b94d44
--- /dev/null
+++ b/modules/system/syncthing/backups.nix
@@ -0,0 +1,48 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+let
+  cfg = config.myConfig.syncthing;
+in
+{
+  options.myConfig.syncthing.backups.enable = lib.mkEnableOption "";
+
+  config = lib.mkIf cfg.backups.enable {
+    assertions = [
+      {
+        assertion = cfg.isServer;
+        message = "syncthing backups can only be made on a server";
+      }
+    ];
+
+    myConfig.resticBackup.syncthing = {
+      healthchecks.enable = true;
+
+      extraConfig = {
+        backupPrepareCommand = ''
+          ${lib.getExe' pkgs.systemd "systemctl"} stop syncthing.service
+        '';
+        backupCleanupCommand = ''
+          ${lib.getExe' pkgs.systemd "systemctl"} start syncthing.service
+        '';
+        paths = [ "/var/lib/syncthing" ];
+      };
+    };
+
+    environment.systemPackages = [
+      (pkgs.writeShellApplication {
+        name = "syncthing-restore";
+        text = ''
+          sudo bash -c "
+            systemctl stop syncthing.service
+            restic-syncthing restore latest --target /
+            systemctl start syncthing.service
+          "
+        '';
+      })
+    ];
+  };
+}
diff --git a/modules/system/syncthing.nix b/modules/system/syncthing/default.nix
similarity index 100%
rename from modules/system/syncthing.nix
rename to modules/system/syncthing/default.nix