前提,一墙外 VPS,推荐使用 Debian 7:

1、准备:

apt-get update && apt-get install wget -y && wget http://nginx.org/keys/nginx_signing.key && apt-key add nginx_signing.key

2、 编辑 /etc/apt/sources.list

vim /etc/apt/sources.list
# 按 i 进入编辑模式,复制:
deb http://nginx.org/packages/mainline/debian/ wheezy nginx
deb-src http://nginx.org/packages/mainline/debian/ wheezy nginx
# 按 esc 键,再输入 :wq 回车保存

3、 安装 Nginx:

apt-get update && apt-get install nginx

4、配置 Google Fonts:

新建一个 Nginx 配置文件:

vim /etc/nginx/conf.d/googlefonts.conf

复制下方内容:

upstream google {
    server fonts.googleapis.com:443;
}

upstream gstatic {
    server fonts.gstatic.com:443;
}

server {
    listen 80;

    server_name fonts.conn.cc;
    # 修改为你自己的域名
    resolver 8.8.8.8;

    location /css {
        sub_filter 'fonts.gstatic.com' 'fonts.conn.cc'; # 修改为你自己的域名
        sub_filter_once off;
        sub_filter_types text/css;
        proxy_pass_header Server;
        proxy_set_header Host fonts.googleapis.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://google;
    }

    location /icon {
        sub_filter 'fonts.gstatic.com' 'fonts.conn.cc'; # 修改为你自己的域名
        sub_filter_once off;
        sub_filter_types text/css;
        proxy_pass_header Server;
        proxy_set_header Host fonts.googleapis.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://google;
    }

    location /earlyaccess {
        sub_filter 'fonts.gstatic.com' 'fonts.conn.cc'; # 修改为你自己的域名
        sub_filter_once off;
        sub_filter_types text/css;
        proxy_pass_header Server;
        proxy_set_header Host fonts.googleapis.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://google;
    }

    location / {
        proxy_pass_header Server;
        proxy_set_header Host fonts.gstatic.com;
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass http://gstatic;
    }
}

# 以下为 SSL 配置,若不需要可省略

server {
    listen 443 ssl http2;

    ssl on;
    ssl_certificate /etc/nginx/ssl/static.crt; # 修改为你自己的域名证书
    ssl_certificate_key /etc/nginx/ssl/static.key; # 修改为你自己的域名密钥

    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
    keepalive_timeout 70;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m; 

    server_name fonts.conn.cc; # 修改为你自己的域名

    resolver 8.8.8.8;

    location /css {
        sub_filter 'fonts.gstatic.com' 'fonts.conn.cc'; # 修改为你自己的域名
        sub_filter_once off;
        sub_filter_types text/css;
        proxy_pass_header Server;
        proxy_set_header Host fonts.googleapis.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://google;
    }

    location /icon {
        sub_filter 'fonts.gstatic.com' 'fonts.conn.cc'; # 修改为你自己的域名
        sub_filter_once off;
        sub_filter_types text/css;
        proxy_pass_header Server;
        proxy_set_header Host fonts.googleapis.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://google;
    }

    location /earlyaccess {
        sub_filter 'fonts.gstatic.com' 'fonts.conn.cc'; # 修改为你自己的域名
        sub_filter_once off;
        sub_filter_types text/css;
        proxy_pass_header Server;
        proxy_set_header Host fonts.googleapis.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://google;
    }

    location / {
        proxy_pass_header Server;
        proxy_set_header Host fonts.gstatic.com;
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://gstatic;
    }
}

保存退出后运行 service nginx restart 重启 Nginx 即可。

5、 配置 Gravatar

新建一个 Nginx 配置文件:

vim /etc/nginx/conf.d/gravatar.conf

复制下方内容:

upstream gravatar {
    server secure.gravatar.com:443; 
}

server {
    listen 80;

    server_name static.conn.cc; # 修改为你自己的域名

    resolver 8.8.8.8;

    location / {
        proxy_pass_header Server;
        proxy_set_header Host secure.gravatar.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://gravatar;
    }
}

# 以下为 SSL 配置,若不需要可省略

server {
    listen 443 ssl http2;

    ssl on;
    ssl_certificate /etc/nginx/ssl/static.crt; #改为自己的SSL证书位置
    ssl_certificate_key /etc/nginx/ssl/static.key; #改为自己的SSL私钥位置

    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
    keepalive_timeout 70;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m; 

    server_name static.conn.cc; # 修改为你自己的域名

    resolver 8.8.8.8;

    location / {
        proxy_pass_header Server;
        proxy_set_header Host secure.gravatar.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_pass https://gravatar;
    }
}

保存退出后运行 service nginx restart 重启 Nginx 即可。


这是我自己反代的: https://cdn.conn.cc 若不会配置可直接使用。


  2016-03-19    二维码    返回顶部