diff --git a/kibana/README.md b/kibana/README.md
new file mode 100644
index 00000000..feda6871
--- /dev/null
+++ b/kibana/README.md
@@ -0,0 +1,14 @@
+# kibana
+
+Install Kibana.
+
+## Tasks
+
+Everything is in the `tasks/main.yml` file.
+
+## Available variables
+
+The only variables are derived from gathered facts.
+
+By default, Kibana will bind to localhost:5601.
+If Nginx is installed, a typical proxy configuration is copied into `/etc/nginx/sites-available`. It can be tweeked and enabled by hand.
diff --git a/kibana/files/logrotate b/kibana/files/logrotate
new file mode 100644
index 00000000..d8056967
--- /dev/null
+++ b/kibana/files/logrotate
@@ -0,0 +1,9 @@
+/var/log/kibana/*.log {
+        daily
+        rotate 7
+        copytruncate
+        compress
+        delaycompress
+        missingok
+        notifempty
+}
diff --git a/kibana/tasks/main.yml b/kibana/tasks/main.yml
new file mode 100644
index 00000000..da6939a7
--- /dev/null
+++ b/kibana/tasks/main.yml
@@ -0,0 +1,59 @@
+---
+
+- name: APT https transport is enabled
+  apt:
+    name: apt-transport-https
+    state: installed
+  tags:
+    - system
+    - packages
+
+- name: Elastic GPG key is installed
+  apt_key:
+    url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
+    state: present
+  tags:
+    - system
+    - packages
+
+- name: Elastic sources list is available
+  apt_repository:
+    repo: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+    state: present
+  tags:
+    - system
+    - packages
+
+- name: Kibana is installed
+  apt:
+    name: kibana
+    update_cache: yes
+    state: installed
+  tags:
+    - packages
+
+- name: Kibana service is enabled and started
+  service:
+    name: kibana
+    enabled: yes
+    state: started
+
+- name: Logrotate configuration is enabled
+  copy:
+    src: logrotate
+    dest: /etc/logrotate.d/kibana
+    mode: 0644
+    owner: root
+    group: root
+
+- name: Nginx installed?
+  stat:
+    path: /etc/nginx/sites-available/
+  register: nginx_installed
+
+- name: Example proxy for Kibana with Nginx
+  template:
+    src: nginx_proxy_kibana.j2
+    dest: /etc/nginx/sites-available/kibana.conf
+    force: no
+  when: nginx_installed.stat.exists
diff --git a/kibana/templates/nginx_proxy_kibana.j2 b/kibana/templates/nginx_proxy_kibana.j2
new file mode 100644
index 00000000..3db2723b
--- /dev/null
+++ b/kibana/templates/nginx_proxy_kibana.j2
@@ -0,0 +1,24 @@
+upstream kibana {
+  server 127.0.0.1:5601 fail_timeout=0;
+}
+server {
+  charset utf-8;
+
+  # ajouter les règles d'authentification
+
+{% for address in ansible_all_ipv4_addresses %}
+  listen {{ address }}:80;
+{% endfor %}
+  server_name    {{ ansible_hostname }};
+
+  location / {
+    proxy_redirect off;
+    proxy_pass http://kibana/;
+    proxy_set_header    X-Real-IP   $remote_addr;
+    proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
+    proxy_set_header    X-Forwarded-Proto  $scheme;
+    proxy_set_header    X-Forwarded-Server  $host;
+    proxy_set_header    X-Forwarded-Host  $host;
+    proxy_set_header    Host  $host;
+  }
+}
diff --git a/vagrant.yml b/vagrant.yml
index 7bf14de1..c8c4fdb7 100644
--- a/vagrant.yml
+++ b/vagrant.yml
@@ -22,5 +22,6 @@
     #   }
     # - apache
     # - { role: elasticsearch, elasticsearch_custom_tmpdir: "/var/lib/elasticsearch/tmp" }
-    - elasticsearch
-    - elasticsearch-plugin-head
+    # - elasticsearch
+    # - elasticsearch-plugin-head
+    - kibana