diff --git a/stack/lamp/buildout.cfg b/stack/lamp/buildout.cfg
index 254a000f8bec239319e4ca72cfb28e7bd5b259df..d75705356b592dc0c57cab1d7ed2c160b5945706 100644
--- a/stack/lamp/buildout.cfg
+++ b/stack/lamp/buildout.cfg
@@ -76,21 +76,28 @@ strip-top-level-dir = true
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance.cfg
 output = ${buildout:directory}/template.cfg
-md5sum = f4e4cf75225685e1787c0bc6d1c16910
+md5sum = 8117f10e814a13c5376af4c01e6546d4
 mode = 0644
 
 [template-apache-php]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-apache-php.cfg
 output = ${buildout:directory}/template-apache-php.cfg
-md5sum = 96d226b30e882e1046e37473109d1ece
+md5sum = 45bc82dc468e7f418d95c846d1a33d74
+mode = 0644
+
+[template-apache-backup]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance-apache-backup.cfg
+output = ${buildout:directory}/template-apache-backup.cfg
+md5sum = cfb77ac8785e0d125a785f69a5339014
 mode = 0644
 
 [template-backuped]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-backuped.cfg
 output = ${buildout:directory}/template-backuped.cfg
-md5sum = d2d910986762b52d8ff965292d7c3635
+md5sum = ad19f5e1803debfa34d3b6408cc96637
 mode = 0644
 
 [template-mariadb]
diff --git a/stack/lamp/instance-apache-backup.cfg b/stack/lamp/instance-apache-backup.cfg
new file mode 100644
index 0000000000000000000000000000000000000000..69f14c2fa48acd7e4f7e1b8a48b4351aad3db126
--- /dev/null
+++ b/stack/lamp/instance-apache-backup.cfg
@@ -0,0 +1,156 @@
+[buildout]
+
+parts =
+  urls
+  apache-proxy
+  logrotate
+  logrotate-entry-apache
+  cron
+  cron-entry-logrotate
+  sshkeys-authority
+  sshkeys-dropbear
+  dropbear-server
+  dropbear-server-pbs-authorized-key
+
+eggs-directory = ${buildout:eggs-directory}
+develop-eggs-directory = ${buildout:develop-eggs-directory}
+offline = true
+
+[urls]
+recipe = slapos.cookbook:publish
+url = http://[$${apache-proxy:ip}]:$${apache-proxy:port}/
+ssh-public-key = $${sshkeys-dropbear:public-key-value}
+ssh-url = ssh://nobody@[$${dropbear-server:host}]:$${dropbear-server:port}/$${rdiff-backup-server:path}
+
+[apache-proxy]
+recipe = slapos.cookbook:apacheproxy
+url = $${slap-parameter:proxy-url}
+pid-file = $${basedirectory:run}/apache.pid
+lock-file = $${basedirectory:run}/apache.lock
+ip = $${slap-network-information:global-ipv6}
+port = 8080
+error-log = $${directory:httpd-log}/error.log
+access-log = $${directory:httpd-log}/access.log
+httpd-conf = $${rootdirectory:etc}/apache.conf
+wrapper = $${basedirectory:services}/apache
+
+promise = $${basedirectory:promises}/apache
+
+httpd-binary = ${apache:location}/bin/httpd
+
+[sshkeys-directory]
+recipe = slapos.cookbook:mkdirectory
+requests = $${directory:sshkeys}/requests/
+keys = $${directory:sshkeys}/keys/
+
+[sshkeys-authority]
+recipe = slapos.cookbook:sshkeys_authority
+request-directory = $${sshkeys-directory:requests}
+keys-directory = $${sshkeys-directory:keys}
+wrapper = $${basedirectory:services}/sshkeys_authority
+keygen-binary = ${dropbear:location}/bin/dropbearkey
+
+[sshkeys-dropbear]
+<= sshkeys-authority
+recipe = slapos.cookbook:sshkeys_authority.request
+name = dropbear
+type = rsa
+executable = $${dropbear-server:wrapper}
+public-key = $${dropbear-server:rsa-keyfile}.pub
+private-key = $${dropbear-server:rsa-keyfile}
+wrapper = $${basedirectory:services}/sshd
+
+[dropbear-server]
+recipe = slapos.cookbook:dropbear
+host = $${slap-network-information:global-ipv6}
+port = 2222
+home = $${directory:ssh}
+wrapper = $${rootdirectory:bin}/raw_sshd
+shell = $${rdiff-backup-server:wrapper}
+rsa-keyfile = $${directory:ssh}/server_key.rsa
+dropbear-binary = ${dropbear:location}/sbin/dropbear
+
+[dropbear-server-pbs-authorized-key]
+<= dropbear-server
+recipe = slapos.cookbook:dropbear.add_authorized_key
+key = $${slap-parameter:authorized-key}
+
+[rdiff-backup-server]
+recipe = slapos.cookbook:pbs
+client = false
+path = $${directory:htdocs}
+wrapper = $${rootdirectory:bin}/rdiffbackup-server
+rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup
+
+[logrotate]
+recipe = slapos.cookbook:logrotate
+# Binaries
+logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
+gzip-binary = ${gzip:location}/bin/gzip
+gunzip-binary = ${gzip:location}/bin/gunzip
+# Directories
+wrapper = $${rootdirectory:bin}/logrotate
+conf = $${rootdirectory:etc}/logrotate.conf
+logrotate-entries = $${directory:logrotate-entries}
+backup = $${directory:logrotate-backup}
+state-file = $${rootdirectory:srv}/logrotate.status
+
+[logrotate-entry-apache]
+<= logrotate
+recipe = slapos.cookbook:logrotate.d
+name = apache
+log = $${apache-proxy:error-log} $${apache-proxy:access-log}
+frequency = daily
+rotate-num = 30
+sharedscripts = true
+notifempty = true
+create = true
+
+[cron]
+recipe = slapos.cookbook:cron
+dcrond-binary = ${dcron:location}/sbin/crond
+cron-entries = $${directory:cron-entries}
+crontabs = $${directory:crontabs}
+cronstamps = $${directory:cronstamps}
+catcher = $${cron-simplelogger:wrapper}
+binary = $${basedirectory:services}/crond
+
+[cron-simplelogger]
+recipe = slapos.cookbook:simplelogger
+wrapper = $${rootdirectory:bin}/cron_simplelogger
+log = $${basedirectory:log}/crond.log
+
+[cron-entry-logrotate]
+<= cron
+recipe = slapos.cookbook:cron.d
+name = logrotate
+frequency = 0 0 * * *
+command = $${logrotate:wrapper}
+
+[rootdirectory]
+recipe = slapos.cookbook:mkdirectory
+etc = $${buildout:directory}/etc/
+var = $${buildout:directory}/var/
+srv = $${buildout:directory}/srv/
+bin = $${buildout:directory}/bin/
+tmp = $${buildout:directory}/tmp/
+
+[basedirectory]
+recipe = slapos.cookbook:mkdirectory
+log = $${rootdirectory:var}/log/
+services = $${rootdirectory:etc}/run/
+run = $${rootdirectory:var}/run/
+backup = $${rootdirectory:srv}/backup/
+promises = $${rootdirectory:etc}/promise/
+
+[directory]
+recipe = slapos.cookbook:mkdirectory
+htdocs = $${rootdirectory:srv}/www/
+logrotate-entries = $${rootdirectory:etc}/logrotate.d/
+logrotate-backup = $${basedirectory:backup}/logrotate/
+cronstamps = $${rootdirectory:etc}/cronstamps/
+cron-entries = $${rootdirectory:etc}/cron.d/
+crontabs = $${rootdirectory:etc}/crontabs/
+ssh = $${rootdirectory:etc}/ssh/
+sshkeys = $${rootdirectory:srv}/sshkeys
+httpd-log = $${basedirectory:log}/apache/
diff --git a/stack/lamp/instance-apache-php.cfg b/stack/lamp/instance-apache-php.cfg
index 0f58dd97ccc7f4c2fad01032f4a42d68ac2c1d1f..77e266f21def3d68a1ee1cfbe374e9eb4bb86ea6 100644
--- a/stack/lamp/instance-apache-php.cfg
+++ b/stack/lamp/instance-apache-php.cfg
@@ -19,9 +19,7 @@ offline = true
 
 [url]
 recipe = slapos.cookbook:publishurl
-scheme = http
-host = $${apache-php:ip}
-port = $${apache-php:port}
+url = http://[$${apache-php:ip}]:$${apache-php:port}/
 
 [mariadb-urlparse]
 recipe = slapos.cookbook:urlparse
diff --git a/stack/lamp/instance-backuped.cfg b/stack/lamp/instance-backuped.cfg
index b7f34a48127f3f8431368ebe780146c386b89579..6876e6566b2616bb23656d2e2a2caddbbeb32a98 100644
--- a/stack/lamp/instance-backuped.cfg
+++ b/stack/lamp/instance-backuped.cfg
@@ -6,9 +6,12 @@ extends =
 parts =
   request-mariadb
   request-mariadb-pseudo-replicating
+  request-apache-backup
   request-pull-backup-server
   request-pull-backup-server-mariadb
   request-pull-backup-server-mariadb-backup
+  request-pull-backup-server-apache
+  request-pull-backup-server-apache-backup
   url
   apache-php
   stunnel
@@ -19,6 +22,51 @@ parts =
   logrotate-entry-stunnel
   cron
   cron-entry-logrotate
+  dropbear-server-pbs-authorized-key
+
+[sshkeys-directory]
+recipe = slapos.cookbook:mkdirectory
+requests = $${directory:sshkeys}/requests/
+keys = $${directory:sshkeys}/keys/
+
+[sshkeys-authority]
+recipe = slapos.cookbook:sshkeys_authority
+request-directory = $${sshkeys-directory:requests}
+keys-directory = $${sshkeys-directory:keys}
+wrapper = $${basedirectory:services}/sshkeys_authority
+keygen-binary = ${dropbear:location}/bin/dropbearkey
+
+[sshkeys-dropbear]
+<= sshkeys-authority
+recipe = slapos.cookbook:sshkeys_authority.request
+name = dropbear
+type = rsa
+executable = $${dropbear-server:wrapper}
+public-key = $${dropbear-server:rsa-keyfile}.pub
+private-key = $${dropbear-server:rsa-keyfile}
+wrapper = $${basedirectory:services}/sshd
+
+[dropbear-server]
+recipe = slapos.cookbook:dropbear
+host = $${slap-network-information:global-ipv6}
+port = 2222
+home = $${directory:ssh}
+wrapper = $${rootdirectory:bin}/raw_sshd
+shell = $${rdiff-backup-server:wrapper}
+rsa-keyfile = $${directory:ssh}/server_key.rsa
+dropbear-binary = ${dropbear:location}/sbin/dropbear
+
+[dropbear-server-pbs-authorized-key]
+<= dropbear-server
+recipe = slapos.cookbook:dropbear.add_authorized_key
+key = $${request-pull-backup-server:connection-ssh-key}
+
+[rdiff-backup-server]
+recipe = slapos.cookbook:pbs
+client = false
+path = $${directory:htdocs}
+wrapper = $${rootdirectory:bin}/rdiffbackup-server
+rdiffbackup-binary = ${buildout:bin-directory}/rdiff-backup
 
 [request-pull-backup-server]
 <= slap-connection
@@ -31,7 +79,6 @@ slave = false
 
 [request-mariadb]
 software-type = mariadb-pbsready-export
-id = $${slap-parameter:mariadb-id}
 config = authorized-key notify
 config-authorized-key = $${request-pull-backup-server:connection-ssh-key}
 config-notify = $${request-pull-backup-server:connection-notification-url}
@@ -40,9 +87,7 @@ return = url ssh-public-key ssh-url notification-id
 [request-mariadb-pseudo-replicating]
 <= slap-connection
 recipe = slapos.cookbook:request
-name = $${request-mariadb:name}
-id = $${request-mariadb:id}
-id-increment = 1
+name = MariaDB Backup
 software-url = $${slap-connection:software-release-url}
 software-type = mariadb-pbsready-import
 return = url ssh-public-key ssh-url notification-url
@@ -51,10 +96,51 @@ config-authorized-key = $${request-pull-backup-server:connection-ssh-key}
 pbs-notification-id = $${slap-connection:computer-id}-$${slap-connection:partition-id}-mariadb-push
 config-on-notification = $${request-pull-backup-server:connection-feeds-url}$${:pbs-notification-id}
 
+[request-apache-backup]
+<= slap-connection
+recipe = slapos.cookbook:request
+name = Apache Backup
+software-url = $${slap-connection:software-release-url}
+software-type = apache-backup
+return = url ssh-url ssh-public-key
+config = authorized-key proxy-url
+config-authorized-key = $${request-pull-backup-server:connection-ssh-key}
+config-proxy-url = $${url:url}
+
+[request-pull-backup-server-apache]
+<= request-pull-backup-server
+   slap-connection
+recipe = slapos.cookbook:request
+name = PBS pulling from Apache
+software-url = $${slap-connection:software-release-url}
+config = url name type server-key notify notification-id frequency
+config-url = ssh://nobody@[$${dropbear-server:host}]:$${dropbear-server:port}/$${rdiff-backup-server:path}
+config-name = $${slap-connection:computer-id}-$${slap-connection:partition-id}-apache
+config-type = pull
+config-server-key = $${sshkeys-dropbear:public-key-value}
+config-notify = $${request-pull-backup-server:connection-notification-url}
+config-notification-id = $${slap-connection:computer-id}-$${slap-connection:partition-id}-apache-pull
+config-frequency = 30 * * * *
+slave = true
+
+[request-pull-backup-server-apache-backup]
+<= request-pull-backup-server
+   slap-connection
+recipe = slapos.cookbook:request
+name = PBS pushing to $${request-apache-backup:name}
+software-url = $${slap-connection:software-release-url}
+config = url name type server-key on-notification
+config-url = $${request-apache-backup:connection-ssh-url}
+config-name = $${request-pull-backup-server-apache:config-name}
+config-type = push
+config-server-key = $${request-apache-backup:connection-ssh-public-key}
+config-on-notification = $${request-pull-backup-server:connection-feeds-url}$${request-pull-backup-server-apache:config-notification-id}
+slave = true
+
 [request-pull-backup-server-mariadb]
 <= request-pull-backup-server
    slap-connection
-name = PBS pulling from MariaDB (backuped)
+name = PBS pulling from $${request-mariadb:name}
 config = url name type server-key on-notification notify notification-id title
 config-url = $${request-mariadb:connection-ssh-url}
 config-name = $${slap-connection:computer-id}-$${slap-connection:partition-id}-mariadb
@@ -69,10 +155,10 @@ slave = true
 [request-pull-backup-server-mariadb-backup]
 <= request-pull-backup-server
    slap-connection
-name = PBS pushing on MariaDB (ready to use backup)
+name = PBS pushing on $${request-mariadb-pseudo-replicating:name}
 config = url name type server-key on-notification notify notification-id title
 config-url = $${request-mariadb-pseudo-replicating:connection-ssh-url}
-config-name = $${slap-connection:computer-id}-$${slap-connection:partition-id}-mariadb
+config-name = $${request-pull-backup-server-mariadb:config-name}
 config-type = push
 config-server-key = $${request-mariadb-pseudo-replicating:connection-ssh-public-key}
 config-on-notification = $${request-pull-backup-server:connection-feeds-url}$${request-pull-backup-server-mariadb:config-notification-id}
@@ -80,3 +166,7 @@ config-notify = $${request-mariadb-pseudo-replicating:connection-notification-ur
 config-notification-id = $${request-mariadb-pseudo-replicating:pbs-notification-id}
 config-title = Pushing to MariaDB backup
 slave = true
+
+[directory]
+ssh = $${rootdirectory:etc}/ssh/
+sshkeys = $${rootdirectory:srv}/sshkeys
diff --git a/stack/lamp/instance.cfg b/stack/lamp/instance.cfg
index 93dbffeb001e3ffea94474450b83576a3f068225..be6cc34ffb40c17e46aaea2e390aa435adff9712 100644
--- a/stack/lamp/instance.cfg
+++ b/stack/lamp/instance.cfg
@@ -14,3 +14,4 @@ mariadb = ${template-mariadb:output}
 mariadb-pbsready-import = ${template-mariadb-pbsready-import:output}
 mariadb-pbsready-export = ${template-mariadb-pbsready-export:output}
 pull-backup = ${template-pull-backup:output}
+apache-backup = ${template-apache-backup:output}