diff --git a/group_vars/rsyncd.yml b/group_vars/rsyncd.yml
new file mode 100644
index 0000000000000000000000000000000000000000..91b0b4308eaaa18cd39852db5823117a24f3126f
--- /dev/null
+++ b/group_vars/rsyncd.yml
@@ -0,0 +1,12 @@
+---
+glob_rsyncd:
+  modules:
+    - name: ftp
+      path: /pool/mirror/pub/
+      comment: CRANS FTP
+      hosts_allow: "*"
+    - name: videolan
+      path: /pool/memorial/videolan
+      comment: VideoLAN repository
+      hosts_allow: "*"
+
diff --git a/hosts b/hosts
index 716747aa11f206e13233a8071ae40b9b81f3295c..7f43b16dd307481d03a721ae9f9e52b0e6c9537d 100644
--- a/hosts
+++ b/hosts
@@ -193,6 +193,10 @@ roundcube.adm.crans.org
 routeur-sam.adm.crans.org
 routeur-gulp.cachan-adm.crans.org
 
+[rsyncd]
+charybde.adm.crans.org
+eclat.adm.crans.org
+
 [rsyslog_server]
 gulp.cachan-adm.crans.org
 tealc.adm.crans.org
diff --git a/roles/rsync-client/templates/rsyncd.conf.j2 b/roles/rsync-client/templates/rsyncd.conf.j2
deleted file mode 100644
index 89c873a7b3a2a84c93b7b753b1cd0d0643d59eb5..0000000000000000000000000000000000000000
--- a/roles/rsync-client/templates/rsyncd.conf.j2
+++ /dev/null
@@ -1,53 +0,0 @@
-{{ ansible_header | comment }}
-
-# GLOBAL OPTIONS
-log file=/var/log/rsyncd
-# for pid file, dont' use /var/run/rsync.pid unless you're not going to run
-# rsync out of the init.d script. The /var/run/rsyncd.pid below is OK.
-pid file=/var/run/rsyncd.pid
-syslog facility=daemon
-
-uid = root
-gid = root
-use chroot = no
-read only = yes
-# On ne liste pas les modules
-list = no
-#max connections=2
-ignore errors = no
-ignore nonreadable = yes
-# ne loggue pas tous les fichiers
-transfer logging = no 
-dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz
-# verifie les droits de /etc/rsyncd.secrets
-strict modes = yes
-# personne n'accede aux modules par defaut
-hosts deny = *
-
-# Listen only on adm
-address = {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.address }}
-
-# MODULE OPTIONS
-
-{# Liste des dossiers a sauvegarder par serveur, en plus de la racine. #}
-{% for partition in to_backup %}
-
-[{{ partition.name }}]
-path = {{ partition.path }}
-{% if partition.comment is defined %}
-comment = {{ partition.comment }}
-{% endif %}
-{% if partition.uid is defined %}
-uid = {{ partition.uid }}
-gid = {{ partition.gid }}
-{% endif %}
-{% if partition.auth_users is defined %}
-auth users = {{ partition.auth_users }}
-secrets file = {{ partition.secrets_file }}
-{% endif %}
-hosts allow = {{ partition.hosts_allow | join(" ") }}
-{% if partition.read_only is defined %}
-read only = {{ partition.read_only }}
-{% endif %}
-
-{% endfor %}
diff --git a/roles/rsync-client/tasks/main.yml b/roles/rsyncd/tasks/main.yml
similarity index 66%
rename from roles/rsync-client/tasks/main.yml
rename to roles/rsyncd/tasks/main.yml
index 2647c076b3cdff081b8ff027b20edd7b1ea79a97..591a8f50c188d624a1fa47c0b0374e0cb75b8865 100644
--- a/roles/rsync-client/tasks/main.yml
+++ b/roles/rsyncd/tasks/main.yml
@@ -19,18 +19,8 @@
     dest: /etc/rsyncd.conf
     mode: 0644
 
-- name: Copy rsyncd secrets
-  copy:
-    content: "backupcrans:{{ backuppc_rsyncd_passwd }}\n"
-    dest: /etc/rsyncd.secrets
-    mode: 0600
-
 - name: Start rsync service
   systemd:
     name: rsync
     enabled: true
     state: started
-
-- name: TODO
-  debug:
-    msg: Make use of the lookup plugin to avoid hardcoding things ?
diff --git a/roles/rsyncd/templates/rsyncd.conf.j2 b/roles/rsyncd/templates/rsyncd.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..b900c471794f21f042fd4a73b1e1a96f81820bcb
--- /dev/null
+++ b/roles/rsyncd/templates/rsyncd.conf.j2
@@ -0,0 +1,37 @@
+{{ ansible_header | comment }}
+
+# GLOBAL OPTIONS
+log file=/var/log/rsyncd
+# for pid file, dont' use /var/run/rsync.pid unless you're not going to run
+# rsync out of the init.d script. The /var/run/rsyncd.pid below is OK.
+pid file=/var/run/rsyncd.pid
+syslog facility=daemon
+
+uid = root
+gid = root
+use chroot = no
+read only = yes
+# On ne liste pas les modules
+list = no
+#max connections=2
+ignore errors = no
+ignore nonreadable = yes
+# ne loggue pas tous les fichiers
+transfer logging = no 
+dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz
+# verifie les droits de /etc/rsyncd.secrets
+strict modes = yes
+# personne n'accede aux modules par defaut
+hosts deny = *
+
+# MODULE OPTIONS
+{% for module in rsyncd.modules -%}
+[{{ module.name }}]
+path = {{ module.path }}
+comment = {{ module.comment }}
+uid = nobody
+gid = nogroup
+hosts allow = {{ module.hosts_allow }}
+read only = yes
+
+{% endfor %}