diff --git a/group_vars/baie.yml b/group_vars/baie.yml
new file mode 100644
index 0000000000000000000000000000000000000000..06fecd60192a5978f14e9081c813b3e4f9797588
--- /dev/null
+++ b/group_vars/baie.yml
@@ -0,0 +1,4 @@
+---
+loc_apt:
+  backports:
+    components: 'main contrib non-free'
diff --git a/group_vars/crans_server/vars.yml b/group_vars/crans_server/vars.yml
index 876a0d405628f12d95e4cde9d9878e5136efe4d2..8e6eb23b6a670dcac233521b37c6932a6a6c1352 100644
--- a/group_vars/crans_server/vars.yml
+++ b/group_vars/crans_server/vars.yml
@@ -3,13 +3,6 @@ ldap:
   servers: ["172.16.1.1"]
   base: "dc=crans,dc=org"
 
-
-# Parameters for debian and ubuntu mirror
-debian_mirror: http://mirror.adm.crans.org/debian
-ubuntu_mirror: http://mirror.adm.crans.org/ubuntu
-debian_components: main contrib non-free
-ubuntu_components: main restricted universe multiverse
-
 glob_borg:
   to_backup:
     - /etc
diff --git a/group_vars/keepalived.yml b/group_vars/keepalived.yml
index 2b4fbd4068a9eb7b7374ab63632ba3608cec3160..9f2fc888f5d956fb6e8c4a727f1d1257596919ea 100644
--- a/group_vars/keepalived.yml
+++ b/group_vars/keepalived.yml
@@ -5,12 +5,28 @@ glob_keepalived:
   mail_destination: root@crans.org
   smtp_server: smtp.adm.crans.org
   pool:
-    dhcp:
+    all:
       password: "plopisverysecure"
       id: 60
       ipv6: yes
       notify: /usr/scripts/notify-dhcp
       zones:
+        - vlan: zayo
+          ipv4: 158.255.113.73/31
+          brd: false
+          ipv6: 2001:1b48:2:103::bb:2/126
+        - vlan: srv
+          ipv4: 185.230.79.62/26
+          brd: true
+          ipv6: 2a0c:700:2::ff:fe00:9902/64
+        - vlan: srv_nat
+          ipv4: 172.16.3.99/24
+          brd: true
+          ipv6: 2a0c:700:3::ff:fe00:9903/64
+        - vlan: infra
+          ipv4: 172.16.32.99/22
+          brd: true
+          ipv6: fd00::11:0:ff:fe00:9911/64
         - vlan: adh
           ipv4: 185.230.78.99/24
           brd: true
@@ -19,12 +35,3 @@ glob_keepalived:
           ipv4: 100.64.0.99/16
           brd: true
           ipv6: 2a0c:700:13::ff:fe00:9913/48
-    radius:
-      password: 'plopisverysecure'
-      id: 61
-      ipv6: yes
-      zones:
-        - vlan: infra
-          ipv4: 172.16.32.99/22
-          brd: true
-          ipv6: fd00::11:0:ff:fe00:9911/64
diff --git a/group_vars/server/apt.yml b/group_vars/server/apt.yml
new file mode 100644
index 0000000000000000000000000000000000000000..22b8c5e2e3f0eaadfb0eb83e43a5a92047689a6e
--- /dev/null
+++ b/group_vars/server/apt.yml
@@ -0,0 +1,18 @@
+---
+glob_apt:
+  protocol: http://
+  mirror: mirror.adm.crans.org
+  pool: debian
+  debs:
+    - name: ''
+      path: ''
+      components: 'main contrib non-free'
+      comment: 'Dépot classique'
+    - name: ''
+      path: '-updates'
+      components: 'main contrib non-free'
+      comment: 'Mises à jour fréquentes (volatiles)'
+    - name: '-security'
+      path: '/updates'
+      components: 'main contrib non-free'
+      comment: 'Mises à jour de sécurité'
diff --git a/group_vars/virtu.yml b/group_vars/virtu.yml
new file mode 100644
index 0000000000000000000000000000000000000000..247e0e5b8915b23650e92b0dd4180d167a623627
--- /dev/null
+++ b/group_vars/virtu.yml
@@ -0,0 +1,3 @@
+---
+loc_apt:
+  proxmox: yes
diff --git a/host_vars/bigbluebutton.adm.crans.org.yml b/host_vars/bigbluebutton.adm.crans.org.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f87095bbcf76f3086344980267b7b56d1e7dca51
--- /dev/null
+++ b/host_vars/bigbluebutton.adm.crans.org.yml
@@ -0,0 +1,17 @@
+---
+loc_apt:
+  pool: ubuntu
+  debs:
+    - name: ''
+      path: ''
+      components: 'main restricted universe multiverse'
+      comment: 'Dépot classique'
+    - name: ''
+      path: '-updates'
+      components: 'main restricted universe multiverse'
+      comment: 'Mises à jour fréquentes (volatiles)'
+    - name: ''
+      path: '-security'
+      components: 'main restricted universe multiverse'
+      comment: 'Mises à jour de sécurité'
+
diff --git a/host_vars/fluxx.adm.crans.org.yml b/host_vars/fluxx.adm.crans.org.yml
index 5cde204461d4051fcc160eab974a5c25e3663a6c..e491027d888d90703b314bdf6dd5e4dbe693c3da 100644
--- a/host_vars/fluxx.adm.crans.org.yml
+++ b/host_vars/fluxx.adm.crans.org.yml
@@ -1,3 +1,14 @@
 ---
 interfaces:
   adm: eth0
+
+loc_apt:
+  debs:
+    - name: ''
+      path: ''
+      components: 'main non-free'
+      comment: 'Dépot classique'
+    - name: ''
+      path: '-updates'
+      components: 'main non-free'
+      comment: 'Mises à jour fréquentes (volatiles)'
diff --git a/host_vars/monitoring.adm.crans.org.yml b/host_vars/monitoring.adm.crans.org.yml
index ab6e12d6c57a8cc963b56891d576dd85b15c3a73..aa932be19d17dee8740366f23d28be9f73418bc4 100644
--- a/host_vars/monitoring.adm.crans.org.yml
+++ b/host_vars/monitoring.adm.crans.org.yml
@@ -2,3 +2,15 @@ interfaces:
   adm: eth0
   srv_nat: eth1
   infra: eth2
+
+loc_apt:
+  debs:
+    - name: ''
+      path: ''
+      components: 'main non-free'
+      comment: 'Dépot classique'
+    - name: ''
+      path: '-updates'
+      components: 'main non-free'
+      comment: 'Mises à jour fréquentes (volatiles)'
+
diff --git a/host_vars/routeur-jack.adm.crans.org.yml b/host_vars/routeur-jack.adm.crans.org.yml
new file mode 100644
index 0000000000000000000000000000000000000000..ed97d539c095cf1413af30cc23dea272095b97dd
--- /dev/null
+++ b/host_vars/routeur-jack.adm.crans.org.yml
@@ -0,0 +1 @@
+---
diff --git a/host_vars/unifi.adm.crans.org.yml b/host_vars/unifi.adm.crans.org.yml
new file mode 100644
index 0000000000000000000000000000000000000000..6824c2cbf88c2515320736f65bb3917858e53bf7
--- /dev/null
+++ b/host_vars/unifi.adm.crans.org.yml
@@ -0,0 +1,10 @@
+---
+loc_apt:
+  additional_repository:
+    - name: 100-ubnt-unifi
+      uri: https://www.ui.com/downloads/unifi/debian
+      release: stable
+      components: ubiquiti
+      key:
+        id: 06E85760C0A52C50
+        server: keyserver.ubuntu.com
diff --git a/host_vars/zamok.adm.crans.org.yml b/host_vars/zamok.adm.crans.org.yml
index bf60fd812bd4dee43b38d9b2c7b71293c520a6b1..ee2cc31e3d311609037f6587913d7d180ec2363b 100644
--- a/host_vars/zamok.adm.crans.org.yml
+++ b/host_vars/zamok.adm.crans.org.yml
@@ -7,3 +7,14 @@ loc_borg:
       params:
         - "- name: all"
         - "  password: {{ vault_mysql_zamok_password }}"
+
+loc_apt:
+  debs:
+    - name: ''
+      path: ''
+      components: 'main non-free'
+      comment: 'Dépot classique'
+    - name: ''
+      path: '-updates'
+      components: 'main non-free'
+      comment: 'Mises à jour fréquentes (volatiles)'
diff --git a/hosts b/hosts
index 98de0fe45d3deef064b90c87e0675d84f864f24c..4773a52e4b73545b7c960c99f8502791baf9f11b 100644
--- a/hosts
+++ b/hosts
@@ -60,9 +60,9 @@ routeurs_vm
 
 [ldap_server]
 tealc.adm.crans.org
-sam.adm.crans.org
-daniel.adm.crans.org
-jack.adm.crans.org
+
+[ldap_server:children]
+virtu
 
 [monitoring]
 monitoring.adm.crans.org
@@ -156,7 +156,7 @@ roundcube.adm.crans.org
 titanic.adm.crans.org
 tracker.adm.crans.org
 voyager.adm.crans.org
-#unifi.adm.crans.org
+unifi.adm.crans.org
 
 [crans_vm:children]
 routeurs_vm
diff --git a/plays/root.yml b/plays/root.yml
index 2b3d83c3da637678061d78680972d6457a1f4402..395104fbb91ed3f4d8e26f26b6a4817aaee0998c 100755
--- a/plays/root.yml
+++ b/plays/root.yml
@@ -2,34 +2,11 @@
 ---
 # root is the first playbook to launch (as root) whe initiation a new server
 
-- hosts: server
-  tasks:
-    - name: Check if mirror.adm is defined in /etc/hosts
-      lineinfile:
-        state: absent
-        path: /etc/hosts
-        regexp: '^{{ glob_mirror.ip }}'
-      check_mode: True
-      changed_when: False
-      register: check_mirror
-
-    - name: Define mirror.adm.crans.org if it doesn't exist.
-      lineinfile:
-        path: /etc/hosts
-        line: '{{ glob_mirror.ip }} {{ glob_mirror.name }}'
-        insertafter: '127.0.0.1 localhost'
-      when: check_mirror.found == 0
-
-- hosts: baie
-  roles:
-    - baie
-
-- hosts: virtu
-  roles:
-    - proxmox-apt-sources
-
 - hosts: server
   vars:
+    play_apt:
+      mirror: 172.16.10.30
+    apt: '{{ glob_apt | combine(loc_apt | default({})) | combine(play_apt) }}'
     # # Will be in /usr/scripts/
     # crans_scripts_git: "http://gitlab.adm.crans.org/nounous/scripts.git"
 
@@ -38,13 +15,17 @@
       - charybde.adm.crans.org
     #   - silice.adm.crans.org
   roles:
-    - debian-apt-sources
+    - apt
     - common-tools
     - sudo
     - ntp-client
     # - crans-scripts
     - root-config
 
+- hosts: baie
+  roles:
+    - zfs
+
 - hosts: crans_vm
   roles:
     - qemu-guest-agent
@@ -84,5 +65,12 @@
       retries: 3
       until: apt_result is succeeded
 
+# Deploys back the apt configuration using the uri and not the ip
+- hosts: server
+  vars:
+    apt: '{{ glob_apt | combine(loc_apt | default({})) }}'
+  roles:
+    - apt
+
 - import_playbook: borgbackups_client.yml
 - import_playbook: monitoring.yml
diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..4119d4e552592eed045ac37a41e9f2af0da8b469
--- /dev/null
+++ b/roles/apt/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+- name: Configure Debian repositories
+  template:
+    src: apt/sources.list.j2
+    dest: /etc/apt/sources.list
+
+- name: Configure Debian backports repository
+  template:
+    src: apt/sources.list.d/backports.list.j2
+    dest: /etc/apt/sources.list.d/backports.list
+  when: apt.backports is defined
+
+- name: Configure Proxmox repositories
+  template:
+    src: apt/sources.list.d/pve-enterprise.list.j2
+    dest: /etc/apt/sources.list.d/pve-enterprise.list
+  when: apt.proxmox is defined and apt.proxmox
+
+- name: Configure apt additional keys
+  apt_key:
+    keyserver: '{{ item.key.server }}'
+    id: '{{ item.key.id }}'
+    state: present
+  register: apt_key_result
+  retries: 3
+  until: apt_key_result is succeeded
+  when: apt.additional_repository
+  loop: "{{ apt.additional_repository | selectattr('key', 'defined') }}"
+
+- name: Configure additional repositories
+  template:
+    src: apt/sources.list.d/additional-repository.list.j2
+    dest: /etc/apt/sources.list.d/{{ item.name }}.list
+  when: apt.additional_repository
+  loop: "{{ apt.additional_repository | list }}"
diff --git a/roles/apt/templates/apt/sources.list.d/additional-repository.list.j2 b/roles/apt/templates/apt/sources.list.d/additional-repository.list.j2
new file mode 100644
index 0000000000000000000000000000000000000000..d6098ad37980761e7d9240f4adace8342668a478
--- /dev/null
+++ b/roles/apt/templates/apt/sources.list.d/additional-repository.list.j2
@@ -0,0 +1 @@
+deb {{ item.uri }} {{ item.release }} {{ item.components }}
diff --git a/roles/apt/templates/apt/sources.list.d/backports.list.j2 b/roles/apt/templates/apt/sources.list.d/backports.list.j2
new file mode 100644
index 0000000000000000000000000000000000000000..2d03ad522f5802e2b7f861b4013333d7240bbd4b
--- /dev/null
+++ b/roles/apt/templates/apt/sources.list.d/backports.list.j2
@@ -0,0 +1 @@
+deb {{ apt.protocol }}{{ apt.mirror }}/{{ apt.pool }} {{ ansible_distribution_release }}-backports {{ apt.backports.components }}
diff --git a/roles/apt/templates/apt/sources.list.d/pve-enterprise.list.j2 b/roles/apt/templates/apt/sources.list.d/pve-enterprise.list.j2
new file mode 100644
index 0000000000000000000000000000000000000000..83e0c080a64eec9a3edfde40ceb76569dac937db
--- /dev/null
+++ b/roles/apt/templates/apt/sources.list.d/pve-enterprise.list.j2
@@ -0,0 +1,2 @@
+{{ ansible_header | comment }}
+deb     {{ apt.protocol }}{{ apt.mirror }}/proxmox/debian/pve {{ ansible_distribution_release }} pve-no-subscription
diff --git a/roles/apt/templates/apt/sources.list.j2 b/roles/apt/templates/apt/sources.list.j2
new file mode 100644
index 0000000000000000000000000000000000000000..9dd9a5e922aa90ffe11e93a3f2e5a2a1f819331e
--- /dev/null
+++ b/roles/apt/templates/apt/sources.list.j2
@@ -0,0 +1,7 @@
+{{ ansible_header | comment }}
+
+{% for deb in apt.debs %}
+# {{ deb.comment }}
+deb {{ apt.protocol }}{{ apt.mirror }}/{{ apt.pool }}{{ deb.name }} {{ ansible_distribution_release }}{{ deb.path }} {{ deb.components }}
+
+{% endfor %}
diff --git a/roles/baie/templates/apt/sources.list.d/backports.list.j2 b/roles/baie/templates/apt/sources.list.d/backports.list.j2
deleted file mode 100644
index 6326b3e479e0fdc2fe3f69a4312f06057f4c9d54..0000000000000000000000000000000000000000
--- a/roles/baie/templates/apt/sources.list.d/backports.list.j2
+++ /dev/null
@@ -1 +0,0 @@
-deb     {{ debian_mirror }} {{ ansible_lsb.codename }}-backports main contrib non-free
diff --git a/roles/debian-apt-sources/tasks/main.yml b/roles/debian-apt-sources/tasks/main.yml
deleted file mode 100644
index 24c5fc4e520e5a4ab990ef4196c7a566d075fea2..0000000000000000000000000000000000000000
--- a/roles/debian-apt-sources/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-- name: Configure Debian repositories
-  template:
-    src: apt/sources.list.j2
-    dest: /etc/apt/sources.list
diff --git a/roles/debian-apt-sources/templates/apt/sources.list.j2 b/roles/debian-apt-sources/templates/apt/sources.list.j2
deleted file mode 100644
index 87b2cab297a0fb69238b0b9463f692befa142a6a..0000000000000000000000000000000000000000
--- a/roles/debian-apt-sources/templates/apt/sources.list.j2
+++ /dev/null
@@ -1,30 +0,0 @@
-{{ ansible_header | comment }}
-
-{% if ansible_distribution == "Debian" %}
-{% if ansible_distribution_release != "bullseye" %}
-{# Debian security does not exist yet for bullseye #}
-# Mises à jour de sécurité
-deb     {{ debian_mirror }}-security {{ ansible_distribution_release }}/updates {{ debian_components }}
-
-{% endif %}
-# Dépôt classique
-deb     {{ debian_mirror }} {{ ansible_distribution_release }} {{ debian_components }}
-
-# Dépôt pour mises à jour fréquentes (volatile)
-deb     {{ debian_mirror }} {{ ansible_distribution_release }}-updates {{ debian_components }}
-
-{% if backports | default(false) %}
-# Backports
-deb     {{ debian_mirror }} {{ ansible_distribution_release }}-backports {{ debian_components }}
-{% endif %}
-
-{% elif ansible_distribution == "Ubuntu" %}
-# Mises à jour de sécurité
-deb     {{ ubuntu_mirror }} {{ ansible_distribution_release }}-security {{ ubuntu_components }}
-
-# Dépôt classique
-deb     {{ ubuntu_mirror }} {{ ansible_distribution_release }} {{ ubuntu_components }}
-
-# Dépôt pour mises à jour fréquentes (volatile)
-deb     {{ ubuntu_mirror }} {{ ansible_distribution_release }}-updates {{ ubuntu_components }}
-{% endif %}
diff --git a/roles/proxmox-apt-sources/tasks/main.yml b/roles/proxmox-apt-sources/tasks/main.yml
deleted file mode 100644
index 1774927c974b4ad0585f5e85ed1318513499ee48..0000000000000000000000000000000000000000
--- a/roles/proxmox-apt-sources/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-- name: Configure Proxmox repositories
-  template:
-    src: apt/sources.list.d/pve-enterprise.list.j2
-    dest: /etc/apt/sources.list.d/pve-enterprise.list
diff --git a/roles/proxmox-apt-sources/templates/apt/sources.list.d/pve-enterprise.list.j2 b/roles/proxmox-apt-sources/templates/apt/sources.list.d/pve-enterprise.list.j2
deleted file mode 100644
index 739806d30d471227cce6da4730d3893282f069ed..0000000000000000000000000000000000000000
--- a/roles/proxmox-apt-sources/templates/apt/sources.list.d/pve-enterprise.list.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-{{ ansible_header | comment }}
-deb     http://mirror.adm.crans.org/proxmox/debian/pve {{ ansible_lsb.codename }} pve-no-subscription
diff --git a/roles/baie/tasks/main.yml b/roles/zfs/tasks/main.yml
similarity index 71%
rename from roles/baie/tasks/main.yml
rename to roles/zfs/tasks/main.yml
index 1ab5cece5e82e3d4d35142df77bb495936f7cea2..0b546d9bdb7fb54585f60781916bc407c5a8ec9f 100644
--- a/roles/baie/tasks/main.yml
+++ b/roles/zfs/tasks/main.yml
@@ -1,9 +1,4 @@
 ---
-- name: Configure Debian backports repository
-  template:
-    src: apt/sources.list.d/backports.list.j2
-    dest: /etc/apt/sources.list.d/backports.list
-
 - name: Install ZFS
   apt:
     update_cache: true