diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a42500e22adf3b21bb3a17d10a9a6a7c1edfb0e7..ca3ff8e3a4a4b383b01a64297c4d330916b416fa 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,3 +1,6 @@
+stages:
+ - test
+ - deploy
 test-centos7:
 image: centos:centos7
 stage: test
@@ -7,4 +10,19 @@ test-centos7:
 - yum install -y gcc graphviz graphviz-devel
 - cd ippisite
 - pip3 install -r requirements.txt
- - python3 manage.py test
\ No newline at end of file
+ - python3 manage.py test
+test-centos7:
+ image: centos:centos7
+ stage: deploy
+ script:
+ - yum install -y epel-release
+ - yum install install -y python34-pip python34-devel
+ - yum install -y gcc graphviz graphviz-devel
+ - cd ippisite
+ - pip3 install -r requirements.txt
+ - python3 manage.py test
+ environment:
+ name: production
+ url: https://ippidb.pasteur.fr
+ only:
+ - master
\ No newline at end of file
diff --git a/ansible/ansible.sh b/ansible/ansible.sh
new file mode 100755
index 0000000000000000000000000000000000000000..3da58cbd6dddd1a3400ad0f6492373e9e3df6832
--- /dev/null
+++ b/ansible/ansible.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+ansible-playbook -i ./hosts $1
\ No newline at end of file
diff --git a/ansible/config_files.yaml b/ansible/config_files.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..4615f84e6a735dd7b629afb9e4221ff4f9512f66
--- /dev/null
+++ b/ansible/config_files.yaml
@@ -0,0 +1,18 @@
+---
+- name: Copy configuration files
+ hosts: all
+ gather_facts: no
+
+ tasks:
+ - name: nginx config file
+ template: src=../config/nginx.conf dest=/etc/nginx/sites-enabled/django
+ register: nginx_config
+ - name: nginx restart
+ service: name=nginx state=restarted
+ when: nginx_config.changed
+ - name: uwsgi config file
+ template: src=../config/uwsgi.ini dest=/etc/uwsgi/apps-enabled/django.ini
+ register: uwsgi_config
+ - name: uwsgi restart
+ service: name=uwsgi state=restarted
+ when: uwsgi_config.changed
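Review bot: The new deploy-stage job in .gitlab-ci.yml reuses the key `test-centos7:`, which already names the test job at the top of the file. Duplicate mapping keys are invalid YAML and most loaders silently keep the last one, so the test-stage job would likely be dropped or the file rejected. Give the job its own name, e.g. `deploy-production:`. Its script is a copy of the test steps and ends at `python3 manage.py test`, so nothing in it actually deploys to the `production` environment it declares. The copied line `yum install install -y python34-pip python34-devel` also repeats `install`.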
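Review bot: `$1` is unquoted on the `ansible-playbook` line of ansible/ansible.sh, so a playbook path containing spaces or glob characters is split or expanded by the shell, and a missing argument is passed on as nothing at all. Quote it and fail early when it is absent: `ansible-playbook -i ./hosts "${1:?usage: ansible.sh PLAYBOOK}"`. The relative `./hosts` also means the script only finds its inventory when run from the `ansible/` directory; a one-line comment saying so would help.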
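Review bot: Neither `template` task in ansible/config_files.yaml sets ownership or permissions, so `/etc/nginx/sites-enabled/django` and `/etc/uwsgi/apps-enabled/django.ini` get whatever the connecting user and umask produce; add `owner=root group=root mode=0644` to both. The play also sets no `become`, which suggests it relies on logging in as root directly (the same holds for packages.yaml, system.yaml, upgrade.yaml and two plays in deploy.yaml). Connecting as an unprivileged user with `become: yes` would be the safer default, if that is not already configured outside this commit. A `command: nginx -t` task before the restart would keep a broken template from taking the site down, and the register/when pairs could become handlers.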
diff --git a/ansible/deploy.yaml b/ansible/deploy.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b4b9d2d92f6cacaa4a1ea75b1ed5f4af84c5a25e
--- /dev/null
+++ b/ansible/deploy.yaml
@@ -0,0 +1,43 @@
+---
+- hosts: all
+ become: yes
+ become_user: ubuntu
+ gather_facts: no
+
+ tasks:
+ - name: pull branch master
+ git:
+ repo={{ repo_url }}/{{ repo }}.git
+ dest={{ repo_dir }}
+ accept_hostkey=yes
+
+- hosts: all
+ gather_facts: no
+ tasks:
+ - name: install python requirements
+ pip: requirements={{ repo_dir }}/requirements.txt extra_args=--upgrade
+
+- hosts: all
+ become: yes
+ become_user: ippidb
+ gather_facts: no
+ #environment:
+ #DJANGO_SETTINGS_MODULE: "{{ django_project }}.settings.production"
+ #DATABASE_URL: postgres://{{ dbuser }}:{{ dbpassword }}@localhost/{{ dbname }}
+ #STATIC_ROOT: "{{ static_dir }}"
+
+ tasks:
+ - name: create static_root dir
+ file: path={{ static_dir }} state=directory mode=0755
+ - name: django collectstatic
+ shell: ./manage.py collectstatic --noinput chdir={{ django_dir }}
+ - name: django migrate
+ shell: ./manage.py migrate --noinput chdir={{ django_dir }}
+ - name: django loaddata
+ shell: ./manage.py loaddata user chdir={{ django_dir }}
+
+- hosts: all
+ gather_facts: no
+ tasks:
+ - name: uwsgi restart
+ service: name=uwsgi state=restarted
diff --git a/ansible/host_vars/ippidb b/ansible/host_vars/ippidb
new file mode 100644
index 0000000000000000000000000000000000000000..0e2b041209a021b7b0be13c49864e2193ab2606a
--- /dev/null
+++ b/ansible/host_vars/ippidb
@@ -0,0 +1,11 @@
+---
+repo_url: ssh://git@bitbucket.org/youruser
+repo: yourproject
+home_dir: /home/ubuntu
+repo_dir: "{{ home_dir }}/{{ repo }}"
+django_dir: "{{ repo_dir }}/django"
+static_dir: "{{ home_dir }}/static"
+django_project: yourproject
+dbname: django
+dbuser: django
+dbpassword: "{{ lookup('password', 'postgresqlpasswd') }}"
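Review bot: `accept_hostkey=yes` in the "pull branch master" task of ansible/deploy.yaml makes the first clone trust whatever SSH host key the git server presents, so the server is never actually verified; pin the key beforehand with the `known_hosts` module and drop the option. The task also sets no `version=`, so despite its name it checks out the remote HEAD; `version=master` (or a release tag) makes the deployed revision explicit. The `pip` task runs without `become_user`, apparently system-wide as the connecting user, and `extra_args=--upgrade` pulls whatever the index serves at deploy time unless requirements.txt pins exact versions. `./manage.py loaddata user` runs on every deploy; if that fixture holds accounts it would reset them each time, so confirm it is meant to be repeated.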
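Review bot: The `password` lookup behind `dbpassword` in ansible/host_vars/ippidb stores the generated database password in plain text in a local file named `postgresqlpasswd` on the control machine, and nothing in this commit keeps that file out of the repository. Add it to `.gitignore`, or keep the value in an ansible-vault encrypted variable instead. `repo_url`, `repo` and `django_project` still hold the template values `youruser` / `yourproject`, and `django_dir` points at `{{ repo_dir }}/django` while the CI job works in `ippisite`, so deploy.yaml would presumably fail as committed.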
diff --git a/ansible/hosts b/ansible/hosts
new file mode 100644
index 0000000000000000000000000000000000000000..525948e753bd591f571ed4dca76d40e6e3f1cfb6
--- /dev/null
+++ b/ansible/hosts
@@ -0,0 +1 @@
+ippidb
diff --git a/ansible/packages.yaml b/ansible/packages.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..5ac686a5b31aea6bc0c288ae56f176b1f4ae32dd
--- /dev/null
+++ b/ansible/packages.yaml
@@ -0,0 +1,20 @@
+---
+- hosts: all
+ gather_facts: no
+ tasks:
+ - name: Running apt update
+ apt: update_cache=yes
+ - name: Installing required packages
+ apt: name={{item}} state=present
+ with_items:
+ - fail2ban
+ - postgresql
+ - postgresql-client
+ - git
+ - python-pip
+ - rdiff-backup
+ - libpq-dev
+ - python-psycopg2
+ - uwsgi
+ - uwsgi-plugin-python
+ - nginx
diff --git a/ansible/postgresql.yaml b/ansible/postgresql.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..58c90c2ba5fa026dd1912a80b5d7b17463b58276
--- /dev/null
+++ b/ansible/postgresql.yaml
@@ -0,0 +1,13 @@
+---
+- hosts: all
+ become: yes
+ become_user: postgres
+ gather_facts: no
+
+ tasks:
+ - name: ensure database is created
+ postgresql_db: name={{dbname}}
+ - name: ensure user has access to database
+ postgresql_user: db={{dbname}} name={{dbuser}} password={{dbpassword}} priv=ALL
+ - name: ensure user does not have unnecessary privilege
+ postgresql_user: name={{dbuser}} role_attr_flags=NOSUPERUSER,NOCREATEDB
diff --git a/ansible/system.yaml b/ansible/system.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1e792568d803145ff7f23c31120b72471818591f
--- /dev/null
+++ b/ansible/system.yaml
@@ -0,0 +1,10 @@
+---
+- hosts: all
+ gather_facts: no
+ tasks:
+ - name: Create ippidb user
+ user: name=ippidb generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa
+ - name: Read SSH public key
+ slurp: src=/home/ippidb/.ssh/id_rsa.pub
+ register: public_key
+ - debug: msg="{{ public_key['content'] | b64decode }}"
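Review bot: The package list in ansible/packages.yaml installs `python-pip`, `python-psycopg2` and `uwsgi-plugin-python`, which on Debian/Ubuntu are normally the Python 2 builds, while the CI job in this commit tests with `python34-pip`, `pip3` and `python3 manage.py test`. The server would then run the site on an interpreter the tests never exercised. If Python 3 is intended, use `python3-pip`, `python3-psycopg2` and `uwsgi-plugin-python3`. `apt` also accepts the whole list in `name`, which avoids one transaction per item.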
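Review bot: The `postgresql_user` task in ansible/postgresql.yaml that sets `password={{dbpassword}}` has no `no_log: true`, so the database password can show up in task output and logs when the play runs verbosely or the task fails. Add `no_log: true` to that task. Writing the module arguments as a YAML mapping rather than one `key=value` string would also keep the password from being re-parsed if it ever contains a space or `=`.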
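Review bot: The key in ansible/system.yaml is generated for `ippidb`, but the git task in deploy.yaml runs with `become_user: ubuntu`, so the public key printed by the `debug` task does not appear to be the one the clone will use; one of the two should change. `ssh_key_bits=2048` is the smallest RSA size still commonly accepted; for a new deploy key prefer `ssh_key_type=ed25519` (dropping `ssh_key_bits` and adjusting the two `id_rsa` paths) or `ssh_key_bits=4096`. The `slurp` path hard-codes `/home/ippidb`, which only holds while the account keeps the default home directory.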
diff --git a/ansible/upgrade.yaml b/ansible/upgrade.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..bcfed626e57532e5fc326d440c85f69668c5e6f2
--- /dev/null
+++ b/ansible/upgrade.yaml
@@ -0,0 +1,10 @@
+---
+- hosts: all
+ gather_facts: no
+ tasks:
+ - name: Running update and safe-upgrade
+ apt:
+ update_cache=yes
+ upgrade=safe
+ register: result
+ - debug: var=result.stdout_lines
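Review bot: After the `upgrade=safe` task in ansible/upgrade.yaml nothing checks whether the host needs a reboot or service restarts, so patched kernels and libraries may stay unused until someone notices. A follow-up `stat: path=/var/run/reboot-required` task with a `debug` message when the file exists would surface that, assuming the target is Ubuntu as the `ubuntu` account in deploy.yaml suggests.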