--- /dev/null
+# {{ ansible_managed }}
+
+# miroir de ftp.fr.debian.org
+server {
+ listen 80;
+ server_name ftp.fr.debian.org;
+ gzip off;
+
+ access_log /var/log/nginx/mirror.access.log;
+ error_log /var/log/nginx/mirror.error.log;
+
+ root {{ apt_mirror_home }}/mirror/ftp.fr.debian.org;
+ autoindex on;
+
+ allow 127.0.0.1; # localhost
+ allow {{ ansible_eth1.ipv4.network }}/24; # LAN
+ allow {{ public_block }}; # mairie
+ {% for ip in special_authorized_ips %}
+ allow {{ ip }};
+ {% endfor %}
+
+ deny all;
+
+}
+
+# miroir de http.debian.net
+server {
+ listen 80;
+ server_name http.debian.net;
+ gzip off;
+
+ access_log /var/log/nginx/default.access.log;
+ error_log /var/log/nginx/default.error.log;
+
+ root {{ apt_mirror_home }}/mirror/http.debian.net;
+ autoindex on;
+
+ allow 127.0.0.1; # localhost
+ allow {{ ansible_eth1.ipv4.network }}/24; # LAN
+ allow {{ public_block }}; # mairie
+ {% for ip in special_authorized_ips %}
+ allow {{ ip }};
+ {% endfor %}
+
+ deny all;
+
+}
+
+# miroir de security.debian.org
+server {
+ listen 80;
+ server_name security.debian.org;
+ gzip off;
+
+ access_log /var/log/nginx/default.access.log;
+ error_log /var/log/nginx/default.error.log;
+
+ root {{ apt_mirror_home }}/mirror/security.debian.org;
+ autoindex on;
+
+ allow 127.0.0.1; # localhost
+ allow {{ ansible_eth1.ipv4.network }}/24; # LAN
+ allow {{ public_block }}; # mairie
+ {% for ip in special_authorized_ips %}
+ allow {{ ip }};
+ {% endfor %}
+
+ deny all;
+
+}
+