gavin/font2pic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
58b2d15eae29f1a04743ae920e7deab18713059e
font2pic/mac.conf
douboer 58b2d15eae update at 2026-02-10 14:41:16
2026-02-10 14:41:16 +08:00

130 lines
4.6 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Font2SVG - Nginx 配置mac.biboer.cn
# 用途:为微信小程序提供静态字体资源 + 远端 SVG 渲染 API
server {
listen 80;
listen [::]:80;
server_name mac.biboer.cn;
return 301 https://$host:8443$request_uri;
}
server {
listen 8443 ssl;
listen [::]:8443 ssl;
http2 on;
server_name mac.biboer.cn;
# SSL 证书
ssl_certificate /Users/gavin/mac.biboer.cn_ecc/fullchain.cer;
ssl_certificate_key /Users/gavin/mac.biboer.cn_ecc/mac.biboer.cn.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
# 静态资源根目录(包含 fonts/、fonts.json、miniprogram/assets/*
root /Users/gavin/font2svg;
index fonts.json;
access_log /opt/homebrew/var/log/nginx/access.log;
error_log /opt/homebrew/var/log/nginx/error.log;
server_tokens off;
# 小程序跨域访问
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET,HEAD,POST,OPTIONS" always;
add_header Access-Control-Allow-Headers "Origin,Range,Accept,Content-Type,Authorization" always;
add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
# MIME
types {
application/json json;
font/ttf ttf;
font/otf otf;
font/woff woff;
font/woff2 woff2;
application/vnd.ms-fontobject eot;
}
# SVG 渲染 API独立 Python 服务systemd 监听 127.0.0.1:9300
location ^~ /api/ {
# 预检请求:直接返回 204CORS 头由 server 级 add_header 提供)
if ($request_method = OPTIONS) {
return 204;
}
proxy_pass http://127.0.0.1:9300;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 5s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
# 健康检查(可选)
location = /healthz {
proxy_pass http://127.0.0.1:9300/healthz;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# fonts.json短缓存便于更新
location = /fonts.json {
expires 1h;
add_header Cache-Control "public, must-revalidate" always;
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET,HEAD,POST,OPTIONS" always;
add_header Access-Control-Allow-Headers "Origin,Range,Accept,Content-Type,Authorization" always;
add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
try_files $uri =404;
}
# 小程序配置:短缓存,便于切换
location = /miniprogram/assets/fonts.json {
expires 1h;
add_header Cache-Control "public, must-revalidate" always;
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET,HEAD,POST,OPTIONS" always;
add_header Access-Control-Allow-Headers "Origin,Range,Accept,Content-Type,Authorization" always;
add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
try_files $uri =404;
}
location = /miniprogram/assets/default.json {
expires 1h;
add_header Cache-Control "public, must-revalidate" always;
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET,HEAD,POST,OPTIONS" always;
add_header Access-Control-Allow-Headers "Origin,Range,Accept,Content-Type,Authorization" always;
add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
try_files $uri =404;
}
# 字体文件:长缓存
location ~* \.(ttf|otf|woff|woff2|eot)$ {
expires 30d;
add_header Cache-Control "public, immutable" always;
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET,HEAD,POST,OPTIONS" always;
add_header Access-Control-Allow-Headers "Origin,Range,Accept,Content-Type,Authorization" always;
add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
try_files $uri =404;
}
# 默认仅提供静态文件
location / {
try_files $uri =404;
}
# 禁止访问隐藏文件
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
}
Reference in New Issue View Git Blame Copy Permalink