X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ffiles%2Fsecurity_mirror%2Fsecurity.debian.org;h=bc54f5e0f455233d30ab264181dabf61efb11bcb;hb=9652c08788a535a51db02db29a995d6a2d5d9498;hp=0f77652dbd0e708e5fb2710755d5a912fe270a39;hpb=3eb533e5499e66423bafdedaf6c7d08ead1772de;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/files/security_mirror/security.debian.org b/modules/roles/files/security_mirror/security.debian.org
index 0f77652db..bc54f5e0f 100644
--- a/modules/roles/files/security_mirror/security.debian.org
+++ b/modules/roles/files/security_mirror/security.debian.org
@@ -20,10 +20,26 @@
    ServerAlias security.us.debian.org
    ServerAlias security.na.debian.org
    ServerAlias security.geo.debian.org
+   ServerAlias security-cdn.debian.org
    ServerAlias security-nagios.debian.org
 
+   ExpiresActive On
+   ExpiresDefault "access plus 2 minutes"
+
    Alias /debian-security /org/security.debian.org/ftp
 
+   <Directory /org/security.debian.org/ftp/pool>
+      <FilesMatch "\.(bz2|gz|deb|dsc|xz)$">
+         ExpiresDefault "access plus 1 month"
+         Header append Cache-Control "public"
+      </FilesMatch>
+   </Directory>
+
+   <Directory /org/security.debian.org/ftp/dists>
+      ExpiresDefault "access plus 1 seconds"
+      Header append Cache-Control "public"
+   </Directory>
+
    RewriteEngine on
    RewriteRule ^/$      http://www.debian.org/security/
 
@@ -31,8 +47,8 @@
    # alert, emerg.
    LogLevel warn
 
-   CustomLog /var/log/apache2/security.debian.org-access.log combined
+   CustomLog /var/log/apache2/security.debian.org-access.log privacy
    ServerSignature On
-
 </VirtualHost>
 
+# vim: set ts=3 sw=3 et: