diff --git a/hosts b/hosts
index 09ffad9e..dc616941 100644
--- a/hosts
+++ b/hosts
@@ -23,6 +23,9 @@
 # [test_vm]
 # re2o-test.adm.crans.org
+[backups]
+zephir.adm.crans.org
+
 [certbot]
 gitzly.adm.crans.org
diff --git a/plays/backup.yml b/plays/backup.yml
index c656364c..1949a5ca 100755
--- a/plays/backup.yml
+++ b/plays/backup.yml
@@ -8,3 +8,8 @@
 roles:
 - borgbackup-client
+- hosts: backups
+ vars:
+ borg: '{{ glob_borg | default({}) | combine(loc_borg | default({})) }}'
+ roles:
+ - borgbackup-server
diff --git a/roles/borgbackup-server/tasks/main.yml b/roles/borgbackup-server/tasks/main.yml
new file mode 100644
index 00000000..052347d5
--- /dev/null
+++ b/roles/borgbackup-server/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+- name: Install borgbackup
+ apt:
+ update_cache: true
+ name:
+ - borgbackup
+ state: present
+ register: apt_result
+ retries: 3
+ until: apt_result is succeeded
+
+- name: Create borgbackup user
+ user:
+ create_home: yes
+ home: '/var/lib/borg/'
+ system: yes
+ state: present
+ update_password: always
+ name: borg
+
+- name: Ensures .ssh dir exists
+ file:
+ path: /var/lib/borg/.ssh
+ state: directory
+ mode: 0700
+ owner: borg
+
+- name: Deploy authorized_keys
+ template:
+ src: "authorized_keys.j2"
+ dest: "/var/lib/borg/.ssh/authorized_keys"
+ mode: 0600
+
+- name: Indicate role in motd
+ template:
+ src: update-motd.d/05-service.j2
+ dest: /etc/update-motd.d/05-borg
+ mode: 0755
diff --git a/roles/borgbackup-server/templates/authorized_keys.j2 b/roles/borgbackup-server/templates/authorized_keys.j2
new file mode 100644
index 00000000..9c3ff0ca
--- /dev/null
+++ b/roles/borgbackup-server/templates/authorized_keys.j2
@@ -0,0 +1,3 @@
+{{ ansible_header | comment }}
+
+command="borg serve --restrict-to-path {{ borg.path }}",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding {{ vault_borgbackup_ssh_pubkey }}
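Review bot: The `Deploy authorized_keys` task in roles/borgbackup-server/tasks/main.yml sets `mode: 0600` but no owner, so the file belongs to whatever account the play runs as. If that is root, sshd, which opens the file with the borg user's privileges, would presumably be unable to read it and key logins would fail. Add `owner: borg` and `group: borg` to that task; the `.ssh` directory task sets only `owner: borg`, so it would benefit from `group: borg` as well. The modes are written as bare octal (`0700`, `0600`, `0755`); quoting them, e.g. `mode: '0600'`, removes the dependence on how the YAML loader types the value. `update_password: always` does nothing here because no `password` is given, and it can be dropped.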
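Review bot: The single key line in roles/borgbackup-server/templates/authorized_keys.j2 lets any holder of `vault_borgbackup_ssh_pubkey` run `borg serve` over everything under `{{ borg.path }}`. The key comes from one variable, so it looks shared by all backup clients rather than issued per host; if so, one compromised client could delete or overwrite every other host's repository. Consider one line per client using `--restrict-to-repository` for that client's repository, plus `--append-only` so a client cannot remove its own history. The enumerated `no-*` options can be replaced by `restrict`, which also covers restrictions introduced in later OpenSSH releases. `{{ borg.path }}` is interpolated unquoted inside `command="…"`, so a path containing a space or a double quote would break the entry.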
diff --git a/roles/borgbackup-server/templates/update-motd.d/05-service.j2 b/roles/borgbackup-server/templates/update-motd.d/05-service.j2
new file mode 100755
index 00000000..f27119aa
--- /dev/null
+++ b/roles/borgbackup-server/templates/update-motd.d/05-service.j2
@@ -0,0 +1,3 @@
+#!/usr/bin/tail +14
+{{ ansible_header | comment }}
+> Borgbackup (Serveur) a été déployé sur cette machine. Les backups sont situés dans {{ borg.path }}.