diff --git a/roles/docker-nextcloud/files/docker-compose.yml b/roles/docker-nextcloud/files/docker-compose.yml index 0a69ab7..dda2ca6 100755 --- a/roles/docker-nextcloud/files/docker-compose.yml +++ b/roles/docker-nextcloud/files/docker-compose.yml @@ -21,11 +21,11 @@ services: image: nextcloud restart: always ports: - - 8080:80 + - 5678:80 links: - db volumes: - - nextcloud:/var/www/html + - ./nextcloud:/var/www/html environment: - MYSQL_PASSWORD=root - MYSQL_DATABASE=nextcloud diff --git a/roles/docker-nextcloud/files/proxy b/roles/docker-nextcloud/files/proxy new file mode 100644 index 0000000..2f34477 --- /dev/null +++ b/roles/docker-nextcloud/files/proxy 
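Review bot: The new mapping `- 5678:80` publishes the Nextcloud container on every host interface, so clients can reach it directly on port 5678 and bypass the nginx proxy added in this commit, which forwards to `http://localhost:5678`. Binding the published port to loopback keeps the proxy as the only entry point: `- "127.0.0.1:5678:80"` (quoted, as Compose port mappings should be). Separately, `./nextcloud` is resolved relative to the compose file's directory, so the data location now depends on where the role copies this file; an absolute path would make that explicit. The service definition starts and continues outside the hunk, and the `MYSQL_PASSWORD=root` value visible in its context lines would be better supplied from an env file or secret that is not committed.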
@@ -0,0 +1,100 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# https://www.nginx.com/resources/wiki/start/
+# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
+# https://wiki.debian.org/Nginx/DirectoryStructure
+#
+# In most cases, administrators will remove this file from sites-enabled/ and
+# leave it as reference inside of sites-available where it will continue to be
+# updated by the nginx packaging team.
+#
+# This file will automatically load configuration files provided by other
+# applications, such as Drupal or Wordpress. These applications will be made
+# available underneath a path with that package name, such as /drupal8.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+ listen 8080 default_server;
+ listen [::]:8080 default_server;
+
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_pass http://localhost:5678;
+ proxy_connect_timeout 900;
+ proxy_send_timeout 900;
+ proxy_read_timeout 900;
+ }
+
+ # SSL configuration
+ #
+ # listen 443 ssl default_server;
+ # listen [::]:443 ssl default_server;
+ #
+ # Note: You should disable gzip for SSL traffic.
+ # See: https://bugs.debian.org/773332
+ #
+ # Read up on ssl_ciphers to ensure a secure configuration.
+ # See: https://bugs.debian.org/765782
+ #
+ # Self signed certs generated by the ssl-cert package
+ # Don't use them in a production server!
+ #
+ # include snippets/snakeoil.conf;
+
+# root /var/www/html;
+
+ # Add index.php to the list if you are using PHP
+# index index.html index.htm index.nginx-debian.html;
+
+# server_name _;
+
+# location / {
+ # First attempt to serve request as file, then
+ # as directory, then fall back to displaying a 404.
+# try_files $uri $uri/ =404; +# } + + # pass PHP scripts to FastCGI server + # + #location ~ \.php$ { + # include snippets/fastcgi-php.conf; + # + # # With php-fpm (or other unix sockets): + # fastcgi_pass unix:/run/php/php7.3-fpm.sock; + # # With php-cgi (or other tcp sockets): + # fastcgi_pass 127.0.0.1:9000; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + + +# Virtual Host configuration for example.com +# +# You can move that to a different file under sites-available/ and symlink that +# to sites-enabled/ to enable it. +# +#server { +# listen 80; +# listen [::]:80; +# +# server_name example.com; +# +# root /var/www/example.com; +# index index.html; +# +# location / { +# try_files $uri $uri/ =404; +# } +#} diff --git a/roles/fog/defaults/main.yml b/roles/fog/defaults/main.yml new file mode 100644 index 0000000..788d0c1 --- /dev/null +++ b/roles/fog/defaults/main.yml @@ -0,0 +1,2 @@ +depl_url: "http://s-adm.gsb.adm/gsbstore/" +depl_fog: "fogproject-1.5.9.tar.gz" diff --git a/roles/fog/tasks/main.yml b/roles/fog/tasks/main.yml index 9f826ea..9e3a106 100644 --- a/roles/fog/tasks/main.yml +++ b/roles/fog/tasks/main.yml @@ -6,10 +6,10 @@ - name: recuperation du fichier d'installation de fog get_url: - url: http://depl/gsbstore/fogproject-1.5.7.tar.gz + url: "{{ depl_url }}/{{ depl_fog }}" dest: /root/fog - name: decompression du fichier d'installation de fog unarchive: - src: /root/fog/fogproject-1.5.7.tar.gz + src: "/root/fog/{{ depl_fog }}" dest: /root/fog diff --git a/roles/icinga/files/cfg/hostgroups_icinga.cfg b/roles/icinga/files/cfg/hostgroups_icinga.cfg index 2603b32..c202b20 100644 --- a/roles/icinga/files/cfg/hostgroups_icinga.cfg +++ b/roles/icinga/files/cfg/hostgroups_icinga.cfg 
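Review bot: The active `location /` block forwards only `Host` and `X-Real-IP`, and the server listens on plain HTTP port 8080 with the SSL section left commented out, so Nextcloud logins cross the network unencrypted and the application has no `X-Forwarded-For` to recover the client address from. Nextcloud's brute-force throttling and audit log rely on that address; adding `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` and `proxy_set_header X-Forwarded-Proto $scheme;`, with the proxy listed in Nextcloud's `trusted_proxies`, restores it. A TLS listener should replace or front the port-8080 one before this serves real accounts. Most of the 100 added lines are the stock Debian default-site commentary; trimming the file to the active `server` block would make the effective configuration easier to review.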
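Review bot: The `get_url` task in `roles/fog/tasks/main.yml` fetches the FOG installer over plain HTTP with no integrity check, and the archive is then unpacked under `/root/fog`, so anything able to alter the response from `s-adm.gsb.adm` controls what gets installed. Pinning the digest next to the version in `roles/fog/defaults/main.yml` and passing it as `checksum: "sha256:{{ depl_fog_sha256 }}"` (a new variable holding the published hash of the tarball) closes that gap even while the store stays on HTTP. Also, `depl_url` already ends in `/`, so `"{{ depl_url }}/{{ depl_fog }}"` renders as `gsbstore//fogproject-1.5.9.tar.gz`; drop one of the two slashes. The task list continues outside the hunk.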
@@ -15,13 +15,13 @@ define hostgroup { define hostgroup { hostgroup_name debian-servers alias Serveurs distant - members s-infra, s-proxy, r-int, r-ext, s-adm, s-itil + members s-infra, s-proxy, r-int, r-ext, s-adm, s-itil, s-mess } define hostgroup {  hostgroup_name ssh-servers alias acces SSH - members s-adm, s-infra, s-proxy, r-int, r-ext, localhost, gwsio2, s-itil + members s-adm, s-infra, s-proxy, r-int, r-ext, localhost, gwsio2, s-itil, s-mess, s-lb } define hostgroup {  @@ -39,7 +39,7 @@ define hostgroup {  define hostgroup { hostgroup_name http-servers alias serveurs-web - members localhost, s-itil + members localhost, s-itil, s-adm } #define hostgroup { @@ -69,6 +69,7 @@ define hostgroup{ define hostgroup{ hostgroup_name uptimegrp alias uptimegrp - members s-infra, s-proxy, r-int, r-ext, s-adm, s-itil + members s-infra, s-proxy, r-int, r-ext, s-adm, s-itil, s-mess, s-lb } + diff --git a/roles/icinga/files/cfg/s-lb.cfg b/roles/icinga/files/cfg/s-lb.cfg new file mode 100644 index 0000000..5754f25 --- /dev/null +++ b/roles/icinga/files/cfg/s-lb.cfg @@ -0,0 +1,14 @@ +# A simple configuration file for monitoring the local host +# This can serve as an example for configuring other servers; +# Custom services specific to this host are added here, but services +# defined in nagios2-common_services.cfg may also apply. +# + +define host{ + use generic-host ; Name of host template$ + host_name s-lb + alias debian-servers + address 192.168.100.10 + parents r-int + } + diff --git a/roles/icinga/files/cfg/s-mess.cfg b/roles/icinga/files/cfg/s-mess.cfg new file mode 100644 index 0000000..79df415 --- /dev/null +++ b/roles/icinga/files/cfg/s-mess.cfg 
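Review bot: The header comment in the new `s-lb.cfg` still says the file is for "monitoring the local host", and the `use` line ends in `; Name of host template$`, where the trailing `$` looks like an end-of-line marker pasted in with the text. A header such as `# Host definition for s-lb (parent: r-int)` would describe the file, and the `$` can be dropped. The `alias debian-servers` value repeats a hostgroup name, yet the hostgroup hunks in this commit add s-lb only to `ssh-servers` and `uptimegrp`, not to `debian-servers`; if that is intended, a descriptive alias would avoid the confusion. `s-mess.cfg` carries the same copied header and `$`.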
@@ -0,0 +1,14 @@ +# A simple configuration file for monitoring the local host +# This can serve as an example for configuring other servers; +# Custom services specific to this host are added here, but services +# defined in nagios2-common_services.cfg may also apply. +# + +define host{ + use generic-host ; Name of host template$ + host_name s-mess + alias nextcloud + address 172.16.0.7 + parents r-int + } + diff --git a/roles/post/files/interfaces.r-vp1 b/roles/post/files/interfaces.r-vp1 index ce75e55..b2345c5 100644 --- a/roles/post/files/interfaces.r-vp1 +++ b/roles/post/files/interfaces.r-vp1 @@ -21,9 +21,9 @@ allow-hotplug enp0s9 iface enp0s9 inet static address 192.168.1.2 netmask 255.255.255.0 - post-up ip route add 172.16.128.0/24 via 192.168.1.2 - post-up ip route add 172.16.0.0/24 via 192.168.1.1 - post-up ip route add 192.168.200.0/24 via 192.168.1.1 + post-up /usr/sbin/ip route add 172.16.128.0/24 via 192.168.1.2 + post-up /usr/sbin/ip route add 172.16.0.0/24 via 192.168.1.1 + post-up /usr/sbin/ip route add 192.168.200.0/24 via 192.168.1.1 # up route add -net 172.16.128.0/24 gw 192.168.0.52 # up route add default gw 192.168.1.1 diff --git a/roles/post/files/interfaces.r-vp2 b/roles/post/files/interfaces.r-vp2 index 233bf5b..2790d47 100644 --- a/roles/post/files/interfaces.r-vp2 +++ b/roles/post/files/interfaces.r-vp2 @@ -21,8 +21,8 @@ allow-hotplug enp0s9 iface enp0s9 inet static address 192.168.0.52 netmask 255.255.255.0 - post-up ip route add 192.168.1.0/24 via 172.16.128.254/24 - post-up ip route add 172.16.0.0/24 via 172.16.128.254/24 + post-up /usr/sbin/ip route add 192.168.1.0/24 via 172.16.128.254/24 + post-up /usr/sbin/ip route add 172.16.0.0/24 via 172.16.128.254/24 # up route add -net 192.168.1.0/24 gw 192.168.0.52 # post-up /bin/bash /root/iptables-vpn diff --git a/roles/post/files/interfaces.s-agence b/roles/post/files/interfaces.s-agence index 98a4301..be903f4 100644 --- a/roles/post/files/interfaces.s-agence 
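Review bot: The gateway arguments on the rewritten `post-up` lines still look wrong, and the switch to the absolute `/usr/sbin/ip` path suggests the commands were not being found before, so they may now run for the first time. In `interfaces.r-vp2` both routes use `via 172.16.128.254/24`; `ip route add` expects a bare next-hop address there, so the lines should end in `via 172.16.128.254`, and that next hop is not on the 192.168.0.0/24 network configured for enp0s9 in the same hunk. In `interfaces.r-vp1` the first route sends 172.16.128.0/24 `via 192.168.1.2`, which is the interface's own address. As far as I know, a failing `post-up` command makes ifup abort without marking the interface as configured, so these are worth correcting in the same change. Both stanzas start above their hunks.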
+++ b/roles/post/files/interfaces.s-agence @@ -9,3 +9,6 @@ iface lo inet loopback allow-hotplug enp0s3 iface enp0s3 inet dhcp +allow-hotplug enp0s8 +iface enp0s8 inet dhcp + diff --git a/roles/s-lb-ab/files/haproxy.cfg b/roles/s-lb-ab/files/haproxy.cfg index 37933e3..2d997e0 100644 --- a/roles/s-lb-ab/files/haproxy.cfg +++ b/roles/s-lb-ab/files/haproxy.cfg @@ -44,7 +44,7 @@ backend fermeweb #option httpchk HEAD / HTTP/1.0 server s-lb-web1 192.168.101.1:80 check server s-lb-web2 192.168.101.2:80 check - +# server s-lb-web3 192.168.101.3:80 check listen stats bind *:8080