diff --git a/playbooks/include/proxies-miscellaneous.yml b/playbooks/include/proxies-miscellaneous.yml
index 682fac2cb5..8e00090979 100644
--- a/playbooks/include/proxies-miscellaneous.yml
+++ b/playbooks/include/proxies-miscellaneous.yml
@@ -59,3 +59,7 @@
   - role: pkgdb-proxy
     tags:
     - pkgdb2
+
+  - role: security.txt
+    tags:
+    - security.txt
diff --git a/roles/security.txt/files/security-txt.conf b/roles/security.txt/files/security-txt.conf
new file mode 100644
index 0000000000..11d85490ed
--- /dev/null
+++ b/roles/security.txt/files/security-txt.conf
@@ -0,0 +1 @@
+AliasMatch ^/.well-known/security.txt /srv/web/security.txt
diff --git a/roles/security.txt/files/security.txt b/roles/security.txt/files/security.txt
new file mode 100644
index 0000000000..5bf706e1c2
--- /dev/null
+++ b/roles/security.txt/files/security.txt
@@ -0,0 +1,2 @@
+Contact: mailto:infra-security@fedoraproject.org
+Expires: 2022-01-31T21:01:00.000Z
diff --git a/roles/security.txt/tasks/main.yml b/roles/security.txt/tasks/main.yml
new file mode 100644
index 0000000000..9ef4f1651d
--- /dev/null
+++ b/roles/security.txt/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+# Install static security.txt file on proxies.
+- name: Copy static security.txt file into place
+  copy: src=security.txt dest=/srv/web/security.txt owner=root group=root mode=755
+  tags:
+  - security.txt
+
+- name: Copy httpd config
+  copy: src=security-txt.conf dest=/etc/httpd/conf.d/admin.fedoraproject.org/security-txt.conf owner=root group=root mode=755
+  notify:
+  - reload apache
+  tags:
+  - security.txt