最近看到有人分享公共库镜像,比较适合国内主机使用,但我认为国外主机还是自己反代一下比较好。比如Linode,自己反代速度简直飞起来。
使用nginx来进行反向代理,可以自己添加SSL证书(免费的StartSSL也行)
然后添加这样的一个配置文件即可。这里的内容有精简,详细说明在这儿:
https://hjc.im/google-fonts-reverse-proxy/可以做到限制特定域名使用,也就是说防止别人盗用。
nginx配置文件:
#所有fonts.ligstd.com替换为自己的字体库域名
upstream google {
server fonts.googleapis.com:80;
}
upstream gstatic {
server fonts.gstatic.com:80;
}
server {
listen 80;
listen [::]:80;
server_name
fonts.ligstd.com;
location /css {
sub_filter 'fonts.gstatic.com' 'fonts.ligstd.com';
sub_filter_once off;
sub_filter_types text/css;
proxy_pass_header Server;
proxy_set_header Host
fonts.googleapis.com;
proxy_set_header Accept-Encoding '';
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass
http://google;
}
location / {
proxy_pass_header Server;
proxy_set_header Host
fonts.gstatic.com;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass
http://gstatic;
}
}
server {
listen 106.186.18.133:443 ssl spdy;
listen [2400:8900::f03c:91ff:fe73:bc8f]:443 ssl spdy;
ssl on;
ssl_certificate /root/fonts.ligstd.com/ssl.crt;
ssl_certificate_key /root/fonts.ligstd.com/ssl.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:RSA+3DES:!ADH:!AECDH:!MD5;
server_name
fonts.ligstd.com;
location /css {
sub_filter 'http://fonts.gstatic.com' 'https://fonts.ligstd.com';
sub_filter_once off;
sub_filter_types text/css;
proxy_pass_header Server;
proxy_set_header Host
fonts.googleapis.com;
proxy_set_header Accept-Encoding '';
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass
http://google;
}
location / {
proxy_pass_header Server;
proxy_set_header Host
fonts.gstatic.com;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass
http://gstatic;
}
}