diff --git a/host_vars/mirror01.yml b/host_vars/mirror01.yml
new file mode 100644
index 0000000000000000000000000000000000000000..14d3d867de85d8f74d68ac5cd2975ab4048fd993
--- /dev/null
+++ b/host_vars/mirror01.yml
@@ -0,0 +1 @@
+mirror_url: mirror01.luebeck.freifunk.net
\ No newline at end of file
diff --git a/hosts.yml b/hosts.yml
index 5ce3e89886eefbdbf2fd3e847a1bd4c420726c9a..8bf75e51562ef50f6c383b5596a6d410c6033bd9 100644
--- a/hosts.yml
+++ b/hosts.yml
@@ -20,3 +20,11 @@ service_hosts:
   hosts:
     srv02:
       ansible_ssh_host: srv02.luebeck.freifunk.net
+
+firmware_mirrors:
+  vars:
+    ansible_python_interpreter: /usr/bin/env python3
+    ansible_ssh_user: root
+  hosts:
+    mirror01:
+      ansible_ssh_host: mirror01.luebeck.freifunk.net
diff --git a/playbook.yml b/playbook.yml
index d4000f5360a6ce42b5f9235567c40e6b3ae62942..ad82ca7c9ff0dc3afc37eef2f074af3b48055a51 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -20,3 +20,9 @@
     - services
     - role: ffhl_ns_auth
       tags: [nameserver, nsauth]
+
+- hosts: firmware_mirrors
+  become: yes
+  roles:
+    - role: firmware_mirror
+      tags: [firmware_mirror]
diff --git a/roles/firmware_mirror/files/etc/systemd/system/firmware-mirror.service b/roles/firmware_mirror/files/etc/systemd/system/firmware-mirror.service
new file mode 100644
index 0000000000000000000000000000000000000000..e599773b4013de6df8c40950501351d14adbe713
--- /dev/null
+++ b/roles/firmware_mirror/files/etc/systemd/system/firmware-mirror.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Firmware Mirror
+
+[Service]
+Type=oneshot
+WorkingDirectory=/root/
+ExecStart=/root/firmware-mirror.sh
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/firmware_mirror/files/etc/systemd/system/firmware-mirror.timer b/roles/firmware_mirror/files/etc/systemd/system/firmware-mirror.timer
new file mode 100644
index 0000000000000000000000000000000000000000..07c924fa4b41792b986e625ce6b8249c00f0f179
--- /dev/null
+++ b/roles/firmware_mirror/files/etc/systemd/system/firmware-mirror.timer
@@ -0,0 +1,8 @@
+[Unit]
+Description=Firmware Mirror Timer
+
+[Timer]
+OnCalendar= *-*-* 03:42:23
+
+[Install]
+WantedBy=timers.target
\ No newline at end of file
diff --git a/roles/firmware_mirror/files/root/firmware-mirror.sh b/roles/firmware_mirror/files/root/firmware-mirror.sh
new file mode 100644
index 0000000000000000000000000000000000000000..5d7398a3d3d6a306ffc778523022896b46c390bf
--- /dev/null
+++ b/roles/firmware_mirror/files/root/firmware-mirror.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+wget --no-clobber --recursive  --reject-regex "/[debug|nightly]/*" firmware.ffhl.de
+cp -r firmware.ffhl.de /var/www/firmware
+chown -R www-data:www-data /var/www/firmware
\ No newline at end of file
diff --git a/roles/firmware_mirror/tasks/main.yml b/roles/firmware_mirror/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5b239267d1580df9cd8fd8e061854a3aa2fc17c6
--- /dev/null
+++ b/roles/firmware_mirror/tasks/main.yml
@@ -0,0 +1,54 @@
+
+- name: copy configs
+  copy:
+    src: etc/
+    dest: /etc
+
+
+- name: install nginx
+  apt:
+    state: present
+    install_recommends: no
+    update_cache: yes
+    name:
+      - nginx-full
+      - libnginx-mod-http-fancyindex
+      - libnginx-mod-http-headers-more-filter
+
+- name: copy nginx configs
+  template:
+    src: etc/nginx/sites-available/firmware
+    dest: /etc/nginx/sites-available/firmware
+
+- name: enable sites
+  block:
+    - name: remove all enabled sites
+      file: state=absent path="/etc/nginx/sites-enabled/"
+    - name: create enabled-sites directory
+      file: state=directory path="/etc/nginx/sites-enabled"
+    - name: enable selected sites
+      file:
+        state: link
+        src: "../sites-available/firmware"
+        dest: "/etc/nginx/sites-enabled/firmware"
+
+
+- name: enable nginx service
+  systemd:
+    name: nginx.service
+    state: restarted
+    enabled: yes
+
+
+
+- name: copy mirror script
+  copy:
+    src: root/
+    dest: /root
+    mode: a+xr
+
+- name: enable firmware-mirror timer
+  systemd:
+    name: firmware-mirror.timer
+    state: restarted
+    enabled: yes
\ No newline at end of file
diff --git a/roles/firmware_mirror/templates/etc/nginx/sites-available/firmware b/roles/firmware_mirror/templates/etc/nginx/sites-available/firmware
new file mode 100644
index 0000000000000000000000000000000000000000..f9d1a4abe96f1b146db4a9aec3009acd4fa56224
--- /dev/null
+++ b/roles/firmware_mirror/templates/etc/nginx/sites-available/firmware
@@ -0,0 +1,14 @@
+server {
+	listen 80;
+	listen [::]:80;
+	server_name {{ mirror_url }};
+ 	client_max_body_size 5m;
+    	client_body_timeout 60;
+	
+	root /var/www/firmware;
+	
+	location / {
+		index on;
+	}
+}
+