Awesome! Thanks for the detailed update, and I’m glad it worked well for you!

Where is your VPS located, and which Wire Guard server are you connecting to?

In your HAProxy config (like in this example), it’s checked from top to bottom. So your top-most frontend case should be the one that checks for the special keyword case. Then, if it doesn’t match the keyword, HAProxy will continue going down the list until it finds a frontend that does match. So your second frontend should match for everything, because if it doesn’t find a match, HAProxy shows an error

Cool, I think that first link will work for you. Then you can just ‘redirect’ for the no-keyword case: https://www.haproxy.com/documentation/haproxy-configuration-tutorials/http-redirects/

Remember, SSL/HTTPS does encrypt the URL path, so if the final website requires HTTPS, your proxy will need to have its certificate trusted by your clients

Maybe have two cases:
For the (matched keyword) case, something like this: https://serverfault.com/questions/729232/reg-exp-for-url-in-haproxy

For the (random routing) case, something like: https://www.haproxy.com/blog/haproxy-configuration-basics-load-balance-your-servers

I am a little confused on your question, though. It sounds like you maybe want 3 cases? Can you try wording it differently?

Generally unique request IDs have to be generated by the client that sends the request. If the client doesn’t generate an ID, you’re probably out of luck. That said, do you have information about the client you’re expecting to call your Squid cache? One unofficial, but common place for clients to put a request ID is in the header “X-Request-ID”

deleted by creator

I’ve been very happy with my Nvidia Shield. It’s powerful enough for all 4k HDR media and runs Android so it’s customizable but I don’t have to think about it.