diff --git a/Dockerfile b/Dockerfile
index 34b50de..0352b39 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,4 +15,6 @@ RUN apk add --update --no-cache ca-certificates fuse openssh-client tzdata jq cu
 
 COPY --from=builder /go/src/github.com/restic/restic/restic /usr/bin
 
+ADD backup.sh /usr/local/bin/backup.sh
+
 ENTRYPOINT ["/usr/bin/restic"]
diff --git a/README.md b/README.md
index 064c431..7110184 100644
--- a/README.md
+++ b/README.md
@@ -6,3 +6,55 @@ Restic image for various platforms.
 
 Just run `make` to build and push everything. Check `ORG` and `PLATFORMS`
 variables to customize.
+
+## Usage
+
+You can use this image as regular restic image or use built-in cron and
+backup.sh script which can be useful for example in statefulsets:
+
+
+```yaml
+      - name: backup
+        image: genunix/restic:latest
+        imagePullPolicy: Always
+        command:
+          - /bin/sh
+          - -cxe
+          - |
+            echo "0 3 * * * /bin/sh -e /usr/local/bin/backup.sh" > /var/spool/cron/crontabs/root;
+            crond -f
+        env:
+          - name: NODE
+            valueFrom:
+              fieldRef:
+                fieldPath: spec.nodeName
+          - name: TAG
+            value: myapp
+          - name: INSTANCE
+            value: "${TAG}-${NODE}"
+          - name: BACKUP_PATH
+            value: /srv/zwave-js-ui
+          - name: RESTIC_REPOSITORY
+            value: "s3:https://s3.eu-central-1.wasabisys.com/backups/${INSTANCE}"
+          - name: RESTIC_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: restic-rest-secret
+                key: RESTIC_PASSWORD
+          - name: AWS_ACCESS_KEY_ID
+            valueFrom:
+              secretKeyRef:
+                name: restic-rest-secret
+                key: AWS_ACCESS_KEY_ID
+          - name: AWS_SECRET_ACCESS_KEY
+            valueFrom:
+              secretKeyRef:
+                name: restic-rest-secret
+                key: AWS_SECRET_ACCESS_KEY
+        volumeMounts:
+        - name: data
+          mountPath: /srv/mysvc
+```
+
+This image also sends metrics into prometheus-pushgateway service which needs
+to be configured properly.
diff --git a/backup.sh b/backup.sh
new file mode 100644
index 0000000..5d84a49
--- /dev/null
+++ b/backup.sh
@@ -0,0 +1,16 @@
+#!/bin/sh -e
+
+INSTANCE="$(echo ${INSTANCE:-${TAG}} | envsubst)"
+export RESTIC_REPOSITORY="$(echo ${RESTIC_REPOSITORY} | envsubst)"
+
+restic cat config >/dev/null || restic init
+restic backup --verbose --tag ${TAG} ${BACKUP_PATH}
+restic forget --prune --tag ${TAG} -g paths,tags --keep-hourly 12 --keep-daily 7 --keep-monthly 3
+
+# Metrics
+restic stats --json latest > /tmp/stats.json
+restic snapshots --json latest > /tmp/snapshots.json
+
+cat /tmp/stats.json | jq -r '"restic_stats_total_size_bytes \(.total_size)\nrestic_stats_total_file_count \(.total_file_count)"' > /tmp/output
+cat /tmp/snapshots.json | jq -r 'max_by(.time) | .time | sub(".[0-9]+Z$"; "Z") | fromdate | "restic_stats_last_snapshot_timestamp \(.)"' >> /tmp/output
+cat /tmp/output | curl --data-binary @- "http://prometheus-pushgateway.monitoring.svc.cluster.local:9091/metrics/job/backup/instance/${INSTANCE}"