Recently I developed a small web site for my lab, and we are hosting it on Google App Engine (GAE), as Google provides quite enough resources for a site of several pages ;)
However we also need to provide download of huge files, which can not be store in GAE, thus we had to host it in one of our severs. Initially we do not want our content directly accessible, so we want to use dynamic URL but we don’t want to loose the performance of nginx.
My final solution is use rsa module by Sybren A. Stuvel (which is pure python) to encrypt the real url (with fixed private key) in GAE, and give the encrypted url to user. In the file host, I use nginx’s X-Accel-Redirect feature and a tiny cherrypy server to decrypt the url (with corresponding pub key), and simply set the X-Accel-Redirect header to the real internal path of nginx.
This solution works well in my case :)