IOIOX 文档中心

Appearance

Nginx 反向代理 Gravatar

nginx 缓存配置

nginx
proxy_temp_file_write_size 128k;
proxy_temp_path   /nginx_cache/proxy_temp;
proxy_cache_path  /nginx_cache/googlefonts levels=1:2 keys_zone=googlefonts:200m inactive=30d max_size=1g;
proxy_cache_path  /nginx_cache/gravatar levels=1:2 keys_zone=gravatar:200m inactive=30d max_size=1g;
proxy_cache_path  /nginx_cache/jsdelivr levels=1:2 keys_zone=jsdelivr:200m inactive=30d max_size=1g;

反向代理 Gravatar

批量修改 gravatar.yourdomain.com 为你的域名

nginx
upstream gravatar {
    server secure.gravatar.com:443;
}

server {
    listen 80;
    server_name gravatar.yourdomain.com;
    return 301 https://gravatar.yourdomain.com$request_uri;
}

server {
    listen 443   ssl http2;
    server_name  gravatar.yourdomain.com;
    index index.html index.htm index.php default.html default.htm default.php;

    ssl_certificate /ssl/yourdomain.com.cer;
    ssl_certificate_key /ssl/yourdomain.com.key;
    ssl_trusted_certificate /ssl/yourdomain.com.cer;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers off;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_ecdh_curve secp384r1;
    ssl_session_timeout  10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_session_tickets off;
    resolver 8.8.8.8 8.8.4.4 valid=60s ipv6=off;
    resolver_timeout 5s;
    add_header Strict-Transport-Security "max-age=63072000" always;

    location / {
        proxy_pass_header Server;
        proxy_set_header Host secure.gravatar.com;
        proxy_set_header Accept-Encoding '';
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass https://gravatar;
        proxy_cache gravatar;
        proxy_cache_valid  200 304 365d;
        proxy_cache_key $host$uri$is_args$args;
        expires max;
    }

    access_log /var/log/nginx/gravatar.yourdomain.com.access.log main;
    error_log  /var/log/nginx/gravatar.yourdomain.com.error.log warn;
}

Copyright © 2024 IOIOX