diff --git a/base.yml b/base.yml
index 5aee2d2..38ec360 100755
--- a/base.yml
+++ b/base.yml
@@ -10,3 +10,8 @@
 - hosts: all,!unifi
   roles:
     - ldap_client
+
+# Install logrotate
+- hosts: all,!unifi,!pve
+  roles:
+    - logrotate
diff --git a/hosts b/hosts
index a06cac8..98a435e 100644
--- a/hosts
+++ b/hosts
@@ -445,6 +445,13 @@ edc_pve
 gs_pve
 rives_pve
 
+# every unifi
+[unifi:children]
+gs_unifi
+edc_unifi
+fleming_unifi
+rives_unifi
+pacaterie_unifi
 
 ###############################################################################
 # Groups by service
diff --git a/roles/logrotate/handlers/main.yml b/roles/logrotate/handlers/main.yml
new file mode 100644
index 0000000..a58c62e
--- /dev/null
+++ b/roles/logrotate/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: reload logrotate
+  service:
+    name: logrotate
+    state: reloaded
diff --git a/roles/logrotate/tasks/main.yml b/roles/logrotate/tasks/main.yml
new file mode 100644
index 0000000..e76b591
--- /dev/null
+++ b/roles/logrotate/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+# Install and configure logrotate
+
+# Install the apt package
+- name: Install logrotate
+  apt:
+    name:
+      - logrotate
+
+# Copy the configuration and reload the service if it has changed
+- name: Configure logrotate
+  template:
+    src: logrotate.d/rsyslog.j2
+    dest: /etc/logrotate.d/rsyslog
+    owner: root
+    group: root
+    mode: "0644"
+  notify: reload logrotate
+
+# Make sure the service is enabled and started
+- name: Enable logrotate service
+  service:
+    name: logrotate
+    enabled: true
+    state: started
+
+# Enforce new logrotate rules now
+- name: Run logrotate now
+  command: /usr/sbin/logrotate -f /etc/logrotate.d/rsyslog
diff --git a/roles/logrotate/templates/logrotate.d/rsyslog.j2 b/roles/logrotate/templates/logrotate.d/rsyslog.j2
new file mode 100644
index 0000000..beab470
--- /dev/null
+++ b/roles/logrotate/templates/logrotate.d/rsyslog.j2
@@ -0,0 +1,39 @@
+# {{ ansible_managed }}
+
+/var/log/syslog
+{
+	rotate 7
+	daily
+	missingok
+	notifempty
+	delaycompress
+	compress
+	postrotate
+		/usr/lib/rsyslog/rsyslog-rotate
+	endscript
+}
+
+/var/log/mail.info
+/var/log/mail.warn
+/var/log/mail.err
+/var/log/mail.log
+/var/log/daemon.log
+/var/log/kern.log
+/var/log/auth.log
+/var/log/user.log
+/var/log/lpr.log
+/var/log/cron.log
+/var/log/debug
+/var/log/messages
+{
+	rotate 1
+	daily
+	missingok
+	notifempty
+	compress
+	delaycompress
+	sharedscripts
+	postrotate
+		/usr/lib/rsyslog/rsyslog-rotate
+	endscript
+}