diff --git a/group_vars/minio-backups.yml b/group_vars/minio-backups.yml
new file mode 100644
index 0000000..64d6295
--- /dev/null
+++ b/group_vars/minio-backups.yml
@@ -0,0 +1,16 @@
+minio_domain: s3.backups.pyrocufflink.blue
+minio_console_domain: minio.backups.pyrocufflink.blue
+minio_host_network: true
+minio_address: '127.0.0.1:{{ minio_port }}'
+minio_console_address: '127.0.0.1:{{ minio_console_port }}'
+minio_browser_redirect_url: https://{{ minio_console_domain }}/
+minio_allow_outside: false
+minio_cert_domains:
+- '{{ minio_console_domain }}'
+- '{{ minio_domain }}'
+- '*.{{ minio_domain }}'
+minio_cert_acme_email: '{{ ansible_hostname }}@pyrocufflink.net'
+minio_cert_acme_server: https://ca.pyrocufflink.blue/acme/acme/directory
+
+nginx_ssl_certificate: /etc/letsencrypt/live/{{ minio_cert_main_domain }}/fullchain.pem
+nginx_ssl_certificate_key: /etc/letsencrypt/live/{{ minio_cert_main_domain }}/privkey.pem
diff --git a/hosts b/hosts
index 1c0f809..f3bc39f 100644
--- a/hosts
+++ b/hosts
@@ -87,8 +87,11 @@ k8s-ctrl0.pyrocufflink.blue
 k8s-controller
 k8s-node
 
+[minio-backups]
+
 [minio:children]
 burp-server
+minio-backups
 
 [motioneye]
 
diff --git a/minio-backups.yml b/minio-backups.yml
new file mode 100644
index 0000000..b06cd17
--- /dev/null
+++ b/minio-backups.yml
@@ -0,0 +1,4 @@
+- hosts: minio-backups
+  roles:
+  - minio-backups-cert
+  - minio-nginx