We have setup several new proxied subdomains in Cloudflare DNS, such as: gis-data.example.org
that point to some large buckets of GIS map tiles stored on storage.googleapis.com/
The intent is to allow us to create several endpoint for this data that can be shared, and then selectively monitored for bandwidth usage, CDN caching, and selectively disabled if needed.
We do not want to publicly disclose the actual bucket paths on googleapis .com so the CNAME proxy should take care of that aspect. Where I am getting stuck is we also want to simply the url path with a URL Rewrite / transform.
This text will be hidden
For example, we want to dynamically rewrite: https://gis-data.example.org/9/100/178.png
internally to https://storage.googleapis.com/bucket-name/example-sub-folder/9/100/178.png
It seems I should be able to accomplish that with a URL transform Rule:
matching host "gis-data.example.org"
This isn’t working and I suspect I also need to rewrite the hostname / SNI of the request in order for the origin server to find the correct bucket. It looks like we can’t add an origin rule with the ability to rewrite hostname / SNI unless we upgrade to Enterprise (we are currently Pro tier). Enterprise is unfortunately not feasible for this project.
Am I overlooking anything or taking the wrong approach for this? I had assumed this would be something we could accomplish easy with the myriad of features in Cloudflare.
As for the title of your topic, the answer is no, not possible to rewrite the hostname with a Transform Rule, only the path and the query string.
A proxied CNAME record, as you have set, is what you can do and it should work, as long as the receiving end is ready to handle requests for the requested domain.
What exactly are you getting? An error message?
In order to test whether the Transform Rule is working, you can edit the CNAME record to point instead to www.google.com and place a request that would trigger the Transform Rule. You should receive a 404 from Google specifying the path it received.
Yeah, I think the receiving end / origin server is not accepting traffic from the requesting subdomain / SNI. The error message is an XML response stating “The specified bucket does not exist.” the URL transform rule I setup appears to be working when I test with an alternate domain.
I don’t have admin access to the account on the google cloud side. I will reach out with the client to see if we can get that. Since our budget unfortunately won’t allow Enterprise to get us hostname / SNI rewrite rules, would it be possible for us to instead create a Worker script that accepts the public url, fetches the .png from the origin server using the internal url, then forwards to the client? Basically creating our own proxy to rewrite the url and hostname.
I’m not the right person to answer about Workers, but digging a bit in our own Community with a I’ve found a couple of pointers you may want to have a look at:
As in the post above, it seems you’re also missing a c. in the bucket’s URL:
If you can’t manage to address it with the above resources, then this Quick Starts link has a specific Workers example for Cloud Storage:
I’ve found a couple of pointers you may want to have a look at: