diff --git a/CHANGELOG.md b/CHANGELOG.md
index 61f29417..0bf897b6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,7 @@ The **patch** part changes incrementally at each release.
 * apt: check if cron is installed before adding a cron job
 * apt: remove jessie/buster sources from Gandi servers
 * certbot : new role to install and configure certbot
+* etc-git: add versioning for /usr/share/scripts on Debian 10+
 * evoacme: upstream version 19.11
 * evolinux-base: default value for "evolinux_ssh_group"
 * evolinux-base: install /sbin/deny
diff --git a/etc-git/tasks/main.yml b/etc-git/tasks/main.yml
index b0071e72..2a8b6513 100644
--- a/etc-git/tasks/main.yml
+++ b/etc-git/tasks/main.yml
@@ -7,80 +7,30 @@
 tags:
 - etc-git
-- name: /etc is versioned with git
- command: "git init ."
- args:
- chdir: /etc
- creates: /etc/.git/
- warn: no
- register: git_init
- tags:
- - etc-git
+- include: repository.yml
+ vars:
+ repository_path: "/etc"
+ gitignore_items:
+ - "aliases.db"
+ - "*.swp"
+ - "postfix/sa-blacklist.access"
+ - "postfix/*.db"
+ - "postfix/spamd.cidr"
+ - "evobackup/.keep-*"
+ - "letsencrypt/.certbot.lock"
-- name: Git user.email is configured
- git_config:
- name: user.email
- repo: /etc
- scope: local
- value: "root@{{ ansible_fqdn | default('localhost') }}"
- tags:
- - etc-git
+- name: verify /usr/share/scripts presence
+ stat:
+ path: /usr/share/scripts
+ register: _usr_share_scripts
-- name: /etc/.git is restricted to root
- file:
- path: /etc/.git
- owner: root
- mode: "0700"
- state: directory
- tags:
- - etc-git
-
-- name: /etc/.gitignore is present
- copy:
- src: gitignore
- dest: /etc/.gitignore
- owner: root
- mode: "0600"
- force: no
- tags:
- - etc-git
-
-- name: Some entries MUST be in the /etc/.gitignore file
- lineinfile:
- dest: /etc/.gitignore
- line: "{{ item }}"
- with_items:
- - "aliases.db"
- - "*.swp"
- - "postfix/sa-blacklist.access"
- - "postfix/*.db"
- - "postfix/spamd.cidr"
- - "evobackup/.keep-*"
- - "letsencrypt/.certbot.lock"
- tags:
- - etc-git
-
-- name: does /etc/ have any commit?
- command: "git log"
- args:
- chdir: /etc
- warn: no
- changed_when: False
- failed_when: False
- register: git_log
- check_mode: no
- tags:
- - etc-git
-
-- name: initial commit is present?
- shell: "git add -A . 
&& git commit -m \"Initial commit via Ansible\""
- args:
- chdir: /etc
- warn: no
- register: git_commit
- when: git_log.rc != 0 or (git_init is defined and git_init.changed)
- tags:
- - etc-git
+- include: repository.yml
+ vars:
+ repository_path: "/usr/share/scripts"
+ gitignore_items: []
+ when:
+ - _usr_share_scripts.stat.isdir
+ - ansible_distribution_major_version | version_compare('10', '>=')
 - name: Check if cron is installed
 shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
diff --git a/etc-git/tasks/repository.yml b/etc-git/tasks/repository.yml
new file mode 100644
index 00000000..587c6f79
--- /dev/null
+++ b/etc-git/tasks/repository.yml
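Review bot: The `when` on the second `include: repository.yml` reads `_usr_share_scripts.stat.isdir`, but the `stat` module only returns `isdir` for a path that exists, so on a host where /usr/share/scripts is absent the condition errors out with an undefined-attribute failure instead of skipping the include; add `- _usr_share_scripts.stat.exists` as the first list item so the combined condition short-circuits before `isdir` is read. That include then runs `git add -A` as root over the whole tree without checking who owns it; if /usr/share/scripts can be written by other accounts on some hosts, requiring `- _usr_share_scripts.stat.pw_name == 'root'` in the same `when` keeps root from versioning content it does not control. `ansible_distribution_major_version | version_compare('10', '>=')` may need the `version` filter name on current Ansible releases, depending on the minimum version this repository targets.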
@@ -0,0 +1,73 @@
+---
+
+- include_role:
+ name: remount-usr
+ when: repository_path | search ("/usr")
+
+- name: "{{ repository_path }} is versioned with git"
+ command: "git init ."
+ args:
+ chdir: "{{ repository_path }}"
+ creates: "{{ repository_path }}/.git/"
+ warn: no
+ register: git_init
+ tags:
+ - etc-git
+
+- name: Git user.email is configured
+ git_config:
+ name: user.email
+ repo: "{{ repository_path }}"
+ scope: local
+ value: "root@{{ ansible_fqdn | default('localhost') }}"
+ tags:
+ - etc-git
+
+- name: "{{ repository_path }}/.git is restricted to root"
+ file:
+ path: "{{ repository_path }}/.git"
+ owner: root
+ mode: "0700"
+ state: directory
+ tags:
+ - etc-git
+
+- name: "{{ repository_path }}/.gitignore is present"
+ copy:
+ src: gitignore
+ dest: "{{ repository_path }}/.gitignore"
+ owner: root
+ mode: "0600"
+ force: no
+ tags:
+ - etc-git
+
+- name: "Some entries MUST be in the {{ repository_path }}/.gitignore file"
+ lineinfile:
+ dest: "{{ repository_path }}/.gitignore"
+ line: "{{ item }}"
+ with_items: "{{ gitignore_items | default([]) }}"
+ tags:
+ - etc-git
+
+- name: "does {{ repository_path }}/ have any commit?"
+ command: "git log"
+ args:
+ chdir: "{{ repository_path }}"
+ warn: no
+ changed_when: False
+ failed_when: False
+ register: git_log
+ check_mode: no
+ tags:
+ - etc-git
+
+- name: initial commit is present?
+ shell: "git add -A . && git commit -m \"Initial commit via Ansible\""
+ args:
+ chdir: "{{ repository_path }}"
+ warn: no
+ register: git_commit
+ when: git_log.rc != 0 or (git_init is defined and git_init.changed)
+ tags:
+ - etc-git
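Review bot: The guard `when: repository_path | search ("/usr")` on the `remount-usr` include is an unanchored regex search, so any repository path that merely contains `/usr` would trigger a read-write remount of /usr, and it applies a Jinja test through `|` as a filter, which later Ansible releases may reject; `when: repository_path is match("/usr/")` states the intended "lives under /usr" condition with the test form. Because this file is now included twice from main.yml, `git_init`, `git_log` and `git_commit` are overwritten on each pass; that is fine as written since every consumer reads the value registered earlier in the same pass, but a comment at the top of the file such as `# registered vars are re-set on every include; each pass only reads its own values` would save the next reader from checking. Note too that the role's shared `gitignore` file is copied into every repository, so the /etc-oriented ignore list also lands in /usr/share/scripts; whether that matters depends on that file's contents, which are not shown here.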