as far as I recall, AWS4 uses digitally signed several headers. if you change some of those headers, security is broken so you get 401. I'm not sure it allows to change URL on the fly or not.
but I recall proxying S3 pretty complicated task. should we document best practices how to reverse proxy S3 ? чт, 24 дек. 2020 г. в 18:01, Ionel GARDAIS <ionel.gard...@tech-advantage.com >: > I would have add the trailing slash to avoid "/storages" being rewote. > 'http-request set-path %[regsub(^/storage/,/minio/)]' > > -- > Ionel > > ----- Mail original ----- > De: "Chad Lavoie" <clav...@haproxy.com> > À: "haproxy" <haproxy@formilux.org> > Cc: "Jonathan Opperman" <jonoi...@gmail.com> > Envoyé: Jeudi 24 Décembre 2020 02:04:57 > Objet: [*EXT*] Re: haproxy hiding url/minio > > Greetings, > > On 12/23/2020 7:10 PM, Jonathan Opperman wrote: > > > > Works perfectly fine, what is the best way to hide /minio so it will > > rather say /storage so externally > > I hide the fact that we are using minio? > > You can do that by using 'http-request set-path > %[regsub(^/storage,/minio)]' to rewrite the path that the backend sees > from what the client sent. > > - Chad > -- > 232 avenue Napoleon BONAPARTE 92500 RUEIL MALMAISON > Capital EUR 219 300,00 - RCS Nanterre B 408 832 301 - TVA FR 09 408 832 301 > > >
