diff --git a/mysql/defaults/main.yml b/mysql/defaults/main.yml
index 3c2bbeb6..b84e59ec 100644
--- a/mysql/defaults/main.yml
+++ b/mysql/defaults/main.yml
@@ -18,4 +18,7 @@ mysql_innodb_buffer_pool_size: '{{ (ansible_memtotal_mb * 0.3) | int }}M'
 mysql_cron_optimize: True
 mysql_cron_optimize_frequency: weekly
 
+mysql_cron_mysqltuner: True
+mysql_cron_mysqltuner_frequency: monthly
+
 mysql_force_new_nrpe_password: False
diff --git a/mysql/files/mysqltuner.cron.sh b/mysql/files/mysqltuner.cron.sh
new file mode 100644
index 00000000..5424aa90
--- /dev/null
+++ b/mysql/files/mysqltuner.cron.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+set -e
+export TERM=screen
+
+mem=$(free -m | grep Mem: | tr -s ' ' | cut -d ' ' -f2)
+swap=$(free -m | grep Swap: | tr -s ' ' | cut -d ' ' -f2)
+template=$(mktemp --tmpdir=/tmp evomysqltuner.XXX)
+body=$(mktemp --tmpdir=/tmp evomysqltuner.XXX)
+clientmail=$(grep EVOMAINTMAIL /etc/evomaintenance.cf | cut -d'=' -f2)
+hostname=$(grep HOSTNAME /etc/evomaintenance.cf | cut -d'=' -f2)
+hostname=${hostname%%.evolix.net}
+# If hostname is composed with -, remove the first part.
+if [[ $hostname =~ "-" ]]; then
+    hostname=$(echo $hostname | cut -d'-' -f2-)
+fi
+
+# Remove temporary files on exit.
+trap "rm $template $body" EXIT
+
+# Add port here if you have more than one instance!
+instances="3306"
+for instance in $instances; do
+    mysqltuner --port $instance --host 127.0.0.1 --forcemem $mem --forceswap $swap \
+      | aha > /var/www/mysqlreport_${instance}.html
+    cat << EOT > $template
+Content-Type: text/plain; charset="utf-8"
+Reply-To: Équipe Evolix <equipe@evolix.fr>
+From: Équipe Evolix <equipe@evolix.net>
+To: $clientmail
+Subject: Rapport MySQL instance $instance pour votre serveur $hostname
+EOT
+    cat << EOT > $body
+Bonjour,
+
+Veuillez trouver ci-joint un rapport MySQL.
+Celui-ci permet d'identifier aisément si des optimisations MySQL sont possibles.
+
+N'hésitez pas à nous indiquer par mail ou ticket quelles variables vous souhaiter
+optimiser.
+
+Veuillez noter qu'il faudra redémarrer MySQL pour appliquer de nouveaux paramètres.
+
+Bien à vous,
+--
+Rapport automatique Evolix
+EOT
+    mutt -x -e 'set send_charset="utf-8"' -H $template \
+      -a /var/www/mysqlreport_${instance}.html < $body
+done
+chmod 644 /var/www/mysqlreport*html
diff --git a/mysql/tasks/log2mail.yml b/mysql/tasks/log2mail.yml
index fb256d26..568b6649 100644
--- a/mysql/tasks/log2mail.yml
+++ b/mysql/tasks/log2mail.yml
@@ -13,6 +13,8 @@
   template:
     src: log2mail.j2
     dest: /etc/log2mail/config/mysql.conf
+    owner: log2mail
+    group: adm
     mode: "0640"
   when: log2mail_config_dir.stat.exists
   tags:
diff --git a/mysql/tasks/main.yml b/mysql/tasks/main.yml
index ca3f0571..be64360c 100644
--- a/mysql/tasks/main.yml
+++ b/mysql/tasks/main.yml
@@ -1,6 +1,10 @@
 ---
 
-- include: packages.yml
+- include: packages_stretch.yml
+  when: ansible_distribution_release == "stretch"
+
+- include: packages_jessie.yml
+  when: ansible_distribution_release == "jessie"
 
 - include: users_stretch.yml
   when: ansible_distribution_release == "stretch"
diff --git a/mysql/tasks/nrpe.yml b/mysql/tasks/nrpe.yml
index 7cebcf50..be18a966 100644
--- a/mysql/tasks/nrpe.yml
+++ b/mysql/tasks/nrpe.yml
@@ -20,7 +20,7 @@
 
 - block:
   - name: Create a password for NRPE
-    shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'
+    command: "apg -n 1 -m 16 -M lcN"
     register: mysql_nrpe_password
     changed_when: False
 
diff --git a/mysql/tasks/packages.yml b/mysql/tasks/packages_jessie.yml
similarity index 100%
rename from mysql/tasks/packages.yml
rename to mysql/tasks/packages_jessie.yml
diff --git a/mysql/tasks/packages_stretch.yml b/mysql/tasks/packages_stretch.yml
new file mode 100644
index 00000000..d5645bea
--- /dev/null
+++ b/mysql/tasks/packages_stretch.yml
@@ -0,0 +1,37 @@
+---
+
+- name: Choose packages
+  set_fact:
+    mysql_packages: "{{ item }}"
+  with_items:
+  - mariadb-server
+  - mariadb-client
+  tags:
+  - mysql
+  - packages
+
+- name: Install MySQL packages
+  apt:
+    name: '{{ item }}'
+    update_cache: yes
+    state: present
+  with_items: "{{ mysql_packages }}"
+  tags:
+  - mysql
+  - packages
+
+- name: MySQL is started
+  service:
+    name: mysql
+    state: started
+  tags:
+  - mysql
+  - services
+
+- name: apg package is installed
+  apt:
+    name: apg
+    state: present
+  tags:
+  - mysql
+  - packages
diff --git a/mysql/tasks/users_jessie.yml b/mysql/tasks/users_jessie.yml
index 4d225317..a8c22cf8 100644
--- a/mysql/tasks/users_jessie.yml
+++ b/mysql/tasks/users_jessie.yml
@@ -10,7 +10,7 @@
   - mysql
 
 - name: create a password for mysqladmin
-  shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'
+  command: "apg -n 1 -m 16 -M lcN"
   register: mysql_admin_password
   changed_when: False
   tags:
diff --git a/mysql/tasks/users_stretch.yml b/mysql/tasks/users_stretch.yml
index 0a3238eb..c57bd3ae 100644
--- a/mysql/tasks/users_stretch.yml
+++ b/mysql/tasks/users_stretch.yml
@@ -10,7 +10,7 @@
   - mysql
 
 - name: create a password for mysqladmin
-  shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'
+  command: "apg -n 1 -m 16 -M lcN"
   register: mysql_admin_password
   changed_when: False
   tags:
@@ -45,7 +45,7 @@
 
 
 - name: create a password for debian-sys-maint
-  shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'
+  command: "apg -n 1 -m 16 -M lcN"
   register: mysql_debian_password
   changed_when: False
   tags:
diff --git a/mysql/tasks/utils.yml b/mysql/tasks/utils.yml
index 262dcd0f..7fae0c97 100644
--- a/mysql/tasks/utils.yml
+++ b/mysql/tasks/utils.yml
@@ -1,8 +1,8 @@
 ---
 
-- name: Ensure /usr/share/scripts exists
+- name: Ensure scripts directory exists
   file:
-    dest: /usr/share/scripts
+    dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}"
     mode: "0700"
     state: directory
   tags:
@@ -52,13 +52,17 @@
   when: (mysql_scripts_dir or general_scripts_dir) | search ("/usr")
 
 - name: Install mysqltuner
-  copy:
-    src: mysqltuner.pl
-    dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}/mysqltuner.pl"
-    mode: "0700"
+  # copy:
+  #   src: mysqltuner.pl
+  #   dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}/mysqltuner.pl"
+  #   mode: "0700"
+  apt:
+    name: mysqltuner
+    state: present
   tags:
     - mysql
     - mysqltuner
+    - mysqltuner
 
 - name: Install aha
   apt:
@@ -79,7 +83,7 @@
   tags:
     - mysql
 
-- name: "Cron dir is present"
+- name: "Cron dir for optimize is present"
   file:
     path: "/etc/cron.{{ mysql_cron_optimize_frequency | mandatory }}"
     state: directory
@@ -98,12 +102,36 @@
 
 - name: "Disable cron to optimize MySQL"
   file:
-    dest: /etc/cron.weekly/mysql-optimize.sh
+    dest: /etc/cron.{{ mysql_cron_optimize_frequency | mandatory }}/mysql-optimize.sh
     state: absent
   when: not mysql_cron_optimize
   tags:
     - mysql
 
+- name: "Cron dir for mysqltuner is present"
+  file:
+    path: "/etc/cron.{{ mysql_cron_mysqltuner_frequency | mandatory }}"
+    state: directory
+    mode: "0755"
+    owner: root
+    group: root
+
+- name: "Enable mysqltuner in cron"
+  copy:
+    src: mysqltuner.cron.sh
+    dest: /etc/cron.{{ mysql_cron_mysqltuner_frequency | mandatory }}/mysqltuner.sh
+  when: mysql_cron_mysqltuner
+  tags:
+    - mysql
+
+- name: "Disable mysqltuner in cron"
+  file:
+    dest: /etc/cron.{{ mysql_cron_mysqltuner_frequency | mandatory }}/mysqltuner.sh
+    state: absent
+  when: not mysql_cron_mysqltuner
+  tags:
+    - mysql
+
 # my-add.sh
 
 - include: remount_usr_rw.yml