diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml
index 32f8477..1b58390 100644
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@@ -7,14 +7,10 @@
 - set_fact: ovpn_daemons={{ ovpn_daemons_conf | default([]) }}
   tags: ovpn
 
-- name: Install packages
-  yum: name=openvpn
-  when: ansible_os_family == 'RedHat'
-  tags: ovpn
-
-- name: Install packages
-  apt: name=openvpn
-  when: ansible_os_family == 'Debian'
+- name: Install OpenVPN
+  package:
+    name:
+      - openvpn
   tags: ovpn
 
 - name: Deploy daemons configuration
diff --git a/roles/pbs/defaults/main.yml b/roles/pbs/defaults/main.yml
new file mode 100644
index 0000000..9335d44
--- /dev/null
+++ b/roles/pbs/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+# This control access on port 8007. Note that the port is not configurable
+pbs_src_ip: []
diff --git a/roles/pbs/meta/main.yml b/roles/pbs/meta/main.yml
new file mode 100644
index 0000000..1fee779
--- /dev/null
+++ b/roles/pbs/meta/main.yml
@@ -0,0 +1,4 @@
+---
+
+dependencies:
+  - role: repo_pbs
diff --git a/roles/pbs/tasks/install.yml b/roles/pbs/tasks/install.yml
new file mode 100644
index 0000000..a4f616f
--- /dev/null
+++ b/roles/pbs/tasks/install.yml
@@ -0,0 +1,9 @@
+---
+
+- name: Install PBS
+  apt:
+    name:
+      - proxmox-backup-server
+    policy_rc_d: 101 # Prevent the daemon from starting automatically after install
+  tags: pbs
+
diff --git a/roles/pbs/tasks/iptables.yml b/roles/pbs/tasks/iptables.yml
new file mode 100644
index 0000000..392f727
--- /dev/null
+++ b/roles/pbs/tasks/iptables.yml
@@ -0,0 +1,10 @@
+---
+
+- name: Handle PBS port
+  iptables_raw:
+    name: pbs_port
+    state: "{{ (pbs_src_ip | length > 0) | ternary('present', 'absent') }}"
+    rules: "-A INPUT -m state --state NEW -p tcp --dport 8007 -s {{ pbs_src_ip | flatten | join(',') }} -j ACCEPT"
+  when: iptables_manage | default(True)
+  tags: pbs,firewall
+
diff --git a/roles/pbs/tasks/main.yml b/roles/pbs/tasks/main.yml
new file mode 100644
index 0000000..b721cb5
--- /dev/null
+++ b/roles/pbs/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+
+- include: install.yml
+- include: iptables.yml
+- include: services.yml
diff --git a/roles/pbs/tasks/services.yml b/roles/pbs/tasks/services.yml
new file mode 100644
index 0000000..332885a
--- /dev/null
+++ b/roles/pbs/tasks/services.yml
@@ -0,0 +1,9 @@
+---
+
+- name: Start and enable services
+  service: name={{ item }} state=started enabled=True
+  loop:
+    - proxmox-backup
+    - proxmox-backup-proxy
+    - proxmox-backup-banner
+  tags: pbs