diff --git a/proxmox/terraform/modules/node/main.tf b/proxmox/terraform/modules/node/main.tf
index e3e5474..87c55d6 100644
--- a/proxmox/terraform/modules/node/main.tf
+++ b/proxmox/terraform/modules/node/main.tf
@@ -1,51 +1,52 @@
 resource "proxmox_vm_qemu" "node" {
     name              = "${var.hostname}"
     desc              = "${var.description}"
     # hypervisor onto which make the vm
     target_node       = "${var.hypervisor}"
     # See init-template.md to see the template vm bootstrap
     clone             = "${var.template}"
     # linux kernel 2.6
     qemu_os           = "l26"
     # generic setup
     sockets           = "${var.sockets}"
     cores             = "${var.cores}"
     memory            = "${var.memory}"
     # boot machine when hypervirsor starts
     onboot            = true
-    # cloud-init setup
+    #### cloud-init setup
     os_type           = "cloud-init"
-    # ciuser - User name to change ssh keys and password for instead of the
-    # image’s configured default user.
-    ciuser            = "${var.user_admin}"
-    ssh_user          = "${var.user_admin}"
-    # sshkeys - public ssh keys, one per line
-    sshkeys           = "${var.user_admin_ssh_public_key}"
+    # ciuser - User name to change to use when connecting
+    ciuser            = "${var.config["user_admin"]}"
+    ssh_user          = "${var.config["user_admin"]}"
+    # sshkeys - public ssh key to use when connecting
+    sshkeys           = "${var.config["user_admin_ssh_public_key"]}"
     # searchdomain - Sets DNS search domains for a container.
-    searchdomain      = "${var.domain}"
+    searchdomain      = "${var.config["domain"]}"
     # nameserver - Sets DNS server IP address for a container.
-    nameserver        = "${var.dns}"
+    nameserver        = "${var.config["dns"]}"
     # ipconfig0 - [gw =] [,ip=<IPv4Format/CIDR>]
-    ipconfig0         = "ip=${var.network["ip"]}/24,gw=${var.gateway_ip}"
+    ipconfig0         = "ip=${var.network["ip"]}/24,gw=${var.config["gateway_ip"]}"
+    ####
     disk {
         id           = 0
         type         = "virtio"
         storage      = "${var.storage["location"]}"
         storage_type = "ssd"
         size         = "${var.storage["size"]}"
     }
     network {
         id      = 0
         model   = "virtio"
         bridge  = "vmbr0"
         macaddr = "${lookup(var.network, "macaddr", "")}"
     }
 
-    # Delegate to puppet at the end of the provisioning the software setup
+    #### provisioning: (creation time only) connect through ssh
+    # Let puppet do its install
     provisioner "remote-exec" {
         inline = [
             "sed -i 's/127.0.1.1/${var.network["ip"]}/g' /etc/hosts",
-            "puppet agent --server ${var.puppet_master} --environment=${var.puppet_environment} --waitforcert 60 --test || echo 'Node provisionned!'",
+            "puppet agent --server ${var.config["puppet_master"]} --environment=${var.config["puppet_environment"]} --waitforcert 60 --test || echo 'Node provisionned!'",
         ]
     }
 }
diff --git a/proxmox/terraform/modules/node/outputs.tf b/proxmox/terraform/modules/node/outputs.tf
index 1a83803..188ac17 100644
--- a/proxmox/terraform/modules/node/outputs.tf
+++ b/proxmox/terraform/modules/node/outputs.tf
@@ -1,8 +1,8 @@
 output summary {
     value = <<EOF
 
 hostname: ${proxmox_vm_qemu.node.name}
-fqdn: ${proxmox_vm_qemu.node.name}.${var.domain}
+fqdn: ${proxmox_vm_qemu.node.name}.${var.config["domain"]}
 network: ${proxmox_vm_qemu.node.ipconfig0} macaddr=${lookup(proxmox_vm_qemu.node.network[0], "macaddr")}
 EOF
 }
diff --git a/proxmox/terraform/modules/node/variables.tf b/proxmox/terraform/modules/node/variables.tf
index 1a110d1..aa64b66 100644
--- a/proxmox/terraform/modules/node/variables.tf
+++ b/proxmox/terraform/modules/node/variables.tf
@@ -1,99 +1,58 @@
 variable "hostname" {
     description = "Node's hostname"
     type        = "string"
 }
 
 variable "description" {
     description = "Node's description"
     type        = "string"
 }
 
 variable "hypervisor" {
     description = "Hypervisor to install the vm to (choice: orsay, hypervisor3, beaubourg)"
     type        = "string"
     default     = "orsay"
 }
 
 variable "template" {
     description = "Template to use (template-debian-9, template-debian-10)"
     type        = "string"
     default     = "template-debian-9"
 }
 
 variable "sockets" {
     description = "Number of sockets"
     type        = "string"
     default     = "1"
 }
 
 variable "cores" {
     description = "Number of cores"
     type        = "string"
     default     = "1"
 }
 
 variable "memory" {
     description = "Memory in Mb"
     type        = "string"
     default     = "1024"
 }
 
 variable "network" {
     description = "staging network's ip/macaddr"
     type        = "map"
 }
 
 variable "storage" {
     description = "Storage disk location and size in the hypervisor storage"
     type = "map"
      default = {
          location = "orsay-ssd-2018"
          size     = "32G"
      }
 }
 
-#### Below, variables are duplicated (/me is sad, don't know how to avoid it
-#### for now)
-
-variable "domain" {
-    description = "DNS zone for the staging area"
-    type        = "string"
-    default     = "internal.staging.swh.network"
-}
-
-variable "puppet_environment" {
-    description = "Puppet environment to use (swh-site's git branch)"
-    type        = "string"
-    default     = "new_staging"
-}
-
-variable "puppet_master" {
-    description = "Puppet master FQDN"
-    type        = "string"
-    default     = "pergamon.internal.softwareheritage.org"
-}
-
-variable "dns" {
-    description = "DNS server ip"
-    type        = "string"
-    default     = "192.168.100.29"
-}
-
-variable "gateway_ip" {
-    description = "Staging network gateway ip"
-    type        = "string"
-    default     = "192.168.128.1"
-}
-
-variable "user_admin" {
-    description = "User admin to use for managing the node"
-    type        = "string"
-    default     = "root"
-}
-
-# define input variables for the modules
-# `pass search terraform-proxmox` in credential store
-variable "user_admin_ssh_public_key" {
-  type    = "string"
-  default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVKCfpeIMg7GS3Pk03ZAcBWAeDZ+AvWk2k/pPY0z8MJ3YAbqZkRtSK7yaDgJV6Gro7nn/TxdJLo2jEzzWvlC8d8AEzhZPy5Z/qfVVjqBTBM4H5+e+TItAHFfaY5+0WvIahxcfsfaq70MWfpJhszAah3ThJ4mqzYaw+dkr42+a7Gx3Ygpb/m2dpnFnxvXdcuAJYStmHKU5AWGWWM+Fm50/fdMqUfNd8MbKhkJt5ihXQmZWMOt7ls4N8i5NZWnS9YSWow8X/ENOEqCRN9TyRkc+pPS0w9DNi0BCsWvSRJOkyvQ6caEnKWlNoywCmM1AlIQD3k4RUgRWe0vqg/UKPpH3Z root@terraform"
+variable "config" {
+    description = "Local config to avoid duplication from the main module"
+    type = "map"
 }
diff --git a/proxmox/terraform/staging.tf b/proxmox/terraform/staging.tf
index 26d9ab5..82bc52f 100644
--- a/proxmox/terraform/staging.tf
+++ b/proxmox/terraform/staging.tf
@@ -1,113 +1,133 @@
 # Keyword use:
 # - provider: Define the provider(s)
 # - data: Retrieve data information to be used within the file
 # - resource: Define resource and create/update
 
 provider "proxmox" {
     pm_tls_insecure = true
     pm_api_url      = "https://orsay.internal.softwareheritage.org:8006/api2/json"
     # in a shell (see README): source ./setup.sh
 }
 
-# define the staging network gateway
+
+# Default configuration passed along module calls
+# (There is no other way to avoid duplication)
+locals {
+    config = {
+        dns                       = "${var.dns}"
+        domain                    = "${var.domain}"
+        puppet_environment        = "${var.puppet_environment}"
+        puppet_master             = "${var.puppet_master}"
+        gateway_ip                = "${var.gateway_ip}"
+        user_admin                = "${var.user_admin}"
+        user_admin_ssh_public_key = "${var.user_admin_ssh_public_key}"
+    }
+}
+
+# Define the staging network gateway
+# FIXME: Find a way to reuse the module "node"
+# Main difference between node in module and this: gateway define 2 network
+# interfaces
 resource "proxmox_vm_qemu" "gateway" {
     name              = "gateway"
     desc              = "staging gateway node"
     # hypervisor onto which make the vm
     target_node       = "orsay"
     # See init-template.md to see the template vm bootstrap
     clone             = "template-debian-9"
     # linux kernel 2.6
     qemu_os           = "l26"
     # generic setup
     sockets           = 1
     cores             = 1
     memory            = 1024
     # boot machine when hypervirsor starts
     onboot            = true
     #### cloud-init setup
     # to actually set some information per os_type (values: ubuntu, centos,
     # cloud-init). Keep this as cloud-init
     os_type           = "cloud-init"
     # ciuser - User name to change ssh keys and password for instead of the
     # image’s configured default user.
     ciuser            = "${var.user_admin}"
     ssh_user          = "${var.user_admin}"
     # searchdomain - Sets DNS search domains for a container.
     searchdomain      = "${var.domain}"
     # nameserver - Sets DNS server IP address for a container.
     nameserver        = "${var.dns}"
     # sshkeys - public ssh keys, one per line
     sshkeys           = "${var.user_admin_ssh_public_key}"
     # FIXME: When T1872 lands, this will need to be updated
     # ipconfig0 - [gw =] [,ip=<IPv4Format/CIDR>]
     # ip to communicate for now with the prod network through louvre
     ipconfig0         = "ip=192.168.100.125/24,gw=192.168.100.1"
     # vms from the staging network will use this vm as gateway
     ipconfig1         = "ip=${var.gateway_ip}/24"
     disk {
         id           = 0
         type         = "virtio"
         storage      = "orsay-ssd-2018"
         storage_type = "ssd"
         size         = "20G"
     }
     network {
         id      = 0
         model   = "virtio"
         bridge  = "vmbr0"
         macaddr = "6E:ED:EF:EB:3C:AA"
     }
     network {
         id      = 1
         model   = "virtio"
         bridge  = "vmbr0"
         macaddr = "FE:95:CC:A5:EB:43"
     }
     # Delegate to puppet at the end of the provisioning the software setup
     provisioner "remote-exec" {
         inline = [
             "sysctl -w net.ipv4.ip_forward=1",
             # make it persistent
             "sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf",
             # add route to louvre (the persistence part is done through puppet)
             "iptables -t nat -A POSTROUTING -s 192.168.128.0/24 -o eth0 -j MASQUERADE",
             "sed -i 's/127.0.1.1/${var.gateway_ip}/g' /etc/hosts",
             "puppet agent --server ${var.puppet_master} --environment=${var.puppet_environment} --waitforcert 60 --test || echo 'Node provisionned!'",
         ]
     }
 }
 
 module "storage0" {
     source      = "./modules/node"
+    config      = "${local.config}"
 
     hostname    = "storage0"
     description = "swh storage services"
     cores       = "4"
     memory      = "8192"
     network = {
         ip      = "192.168.128.2"
         macaddr = "CA:73:7F:ED:F9:01"
     }
 }
 
 output storage0_summary {
     value = "${module.storage0.summary}"
 }
 
 module "db0" {
     source      = "./modules/node"
+    config      = "${local.config}"
 
     hostname    = "db0"
     description = "swh db"
     cores       = "4"
     memory      = "16384"
     network = {
         ip      = "192.168.128.3"
         macaddr = "3A:65:31:7C:24:17"
     }
 }
 
 output db0_summary {
     value = "${module.db0.summary}"
 }