diff --git a/restic-backup.service b/restic-backup.service
new file mode 100644
index 0000000..e4c1e81
--- /dev/null
+++ b/restic-backup.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Make a backup of the system using Restic
+After=syslog.target
+After=network.target
+
+[Service]
+Type=simple
+DynamicUser=true
+StateDirectory=restic
+CacheDirectory=restic
+Environment=RESTIC_REPOSITORY_FILE=/var/lib/restic/rest-server RESTIC_PASSWORD_FILE=/var/lib/restic/backup-key
+ExecStart=restic backup --exclude-file=/var/lib/restic/exclude --cache-dir $CACHE_DIRECTORY /
+
+# Allow Restic to bypass file read permission checks and directory read and execute permission checks
+AmbientCapabilities=CAP_DAC_READ_SEARCH
+
+[Install]
+WantedBy=multi-user.target