--- a/pkg/config/config.go	Thu Aug 16 13:47:30 2018 +0200
+++ b/pkg/config/config.go	Thu Aug 16 15:17:21 2018 +0200
@@ -42,7 +42,7 @@
 
 func AllowedOrigins() []string { return viper.GetStringSlice("allowed-origins") }
 
-func ExternalWFSs() map[string]interface{} { return viper.GetStringMap("external-wfs") }
+func Proxies(key string) map[string]interface{} { return viper.GetStringMap(key) }
 
 func GeoServerURL() string      { return viper.GetString("geoserver-url") }
 func GeoServerUser() string     { return viper.GetString("geoserver-user") }

--- a/pkg/controllers/proxy.go	Thu Aug 16 13:47:30 2018 +0200
+++ b/pkg/controllers/proxy.go	Thu Aug 16 15:17:21 2018 +0200
@@ -35,77 +35,82 @@
 	"http://schemas.opengis.net/gml":            struct{}{},
 }
 
-func findEntry(entry string) (string, bool) {
-	external := config.ExternalWFSs()
-	if external == nil || len(external) == 0 {
-		return "", false
-	}
-	alias, found := external[entry]
-	if !found {
-		return "", false
+func findProxy(key string) func(string) (string, bool) {
+	entries := config.Proxies(key)
+	return func(entry string) (string, bool) {
+		if entries == nil || len(entries) == 0 {
+			return "", false
+		}
+		alias, found := entries[entry]
+		if !found {
+			return "", false
+		}
+		data, ok := alias.(map[string]interface{})
+		if !ok {
+			return "", false
+		}
+		urlS, found := data["url"]
+		if !found {
+			return "", false
+		}
+		url, ok := urlS.(string)
+		return url, ok
 	}
-	data, ok := alias.(map[string]interface{})
-	if !ok {
-		return "", false
-	}
-	urlS, found := data["url"]
-	if !found {
-		return "", false
-	}
-	url, ok := urlS.(string)
-	return url, ok
 }
 
-func proxyDirector(req *http.Request) {
-
-	log.Printf("proxyDirector: %s\n", req.RequestURI)
+func proxyDirector(lookup func(string) (string, bool)) func(*http.Request) {
 
-	abort := func(format string, args ...interface{}) {
-		log.Printf(format, args...)
-		panic(http.ErrAbortHandler)
-	}
-
-	vars := mux.Vars(req)
-
-	var s string
+	return func(req *http.Request) {
 
-	if entry, found := vars["entry"]; found {
-		if s, found = findEntry(entry); !found {
-			abort("Cannot find entry '%s'\n", entry)
-		}
-	} else {
-		expectedMAC, err := base64.URLEncoding.DecodeString(vars["hash"])
-		if err != nil {
-			abort("Cannot base64 decode hash: %v\n", err)
-		}
-		url, err := base64.URLEncoding.DecodeString(vars["url"])
-		if err != nil {
-			abort("Cannot base64 decode url: %v\n", err)
+		log.Printf("proxyDirector: %s\n", req.RequestURI)
+
+		abort := func(format string, args ...interface{}) {
+			log.Printf(format, args...)
+			panic(http.ErrAbortHandler)
 		}
 
-		mac := hmac.New(sha256.New, config.ProxyKey())
-		mac.Write(url)
-		messageMAC := mac.Sum(nil)
+		vars := mux.Vars(req)
+
+		var s string
 
-		s = string(url)
-
-		if !hmac.Equal(messageMAC, expectedMAC) {
-			abort("HMAC of URL %s failed.\n", s)
-		}
-	}
+		if entry, found := vars["entry"]; found {
+			if s, found = lookup(entry); !found {
+				abort("Cannot find entry '%s'\n", entry)
+			}
+		} else {
+			expectedMAC, err := base64.URLEncoding.DecodeString(vars["hash"])
+			if err != nil {
+				abort("Cannot base64 decode hash: %v\n", err)
+			}
+			url, err := base64.URLEncoding.DecodeString(vars["url"])
+			if err != nil {
+				abort("Cannot base64 decode url: %v\n", err)
+			}
 
-	nURL := s + "?" + req.URL.RawQuery
-	//log.Printf("%v\n", nURL)
+			mac := hmac.New(sha256.New, config.ProxyKey())
+			mac.Write(url)
+			messageMAC := mac.Sum(nil)
+
+			s = string(url)
+
+			if !hmac.Equal(messageMAC, expectedMAC) {
+				abort("HMAC of URL %s failed.\n", s)
+			}
+		}
 
-	u, err := url.Parse(nURL)
-	if err != nil {
-		abort("Invalid url: %v\n", err)
+		nURL := s + "?" + req.URL.RawQuery
+		//log.Printf("%v\n", nURL)
+
+		u, err := url.Parse(nURL)
+		if err != nil {
+			abort("Invalid url: %v\n", err)
+		}
+		req.URL = u
+
+		req.Host = u.Host
+		//req.Header.Del("If-None-Match")
+		//log.Printf("headers: %v\n", req.Header)
 	}
-	req.URL = u
-
-	req.Host = u.Host
-	//req.Header.Del("If-None-Match")
-	//log.Printf("headers: %v\n", req.Header)
 }
 
 type nopCloser struct {

--- a/pkg/controllers/routes.go	Thu Aug 16 13:47:30 2018 +0200
+++ b/pkg/controllers/routes.go	Thu Aug 16 15:17:21 2018 +0200
@@ -54,24 +54,24 @@
 
 	// Proxy for external WFSs.
 	proxy := &httputil.ReverseProxy{
-		Director:       proxyDirector,
-		ModifyResponse: proxyModifyResponse("/api/proxy/"),
+		Director:       proxyDirector(findProxy("external")),
+		ModifyResponse: proxyModifyResponse("/api/external/"),
 	}
 
-	api.Handle("/proxy/{hash}/{url}", proxy).
+	api.Handle("/external/{hash}/{url}", proxy).
 		Methods(
 			http.MethodGet, http.MethodPost,
 			http.MethodPut, http.MethodDelete)
 
-	api.Handle("/proxy/{entry}", proxy).
+	api.Handle("/external/{entry}", proxy).
 		Methods(
 			http.MethodGet, http.MethodPost,
 			http.MethodPut, http.MethodDelete)
 
 	// Proxy for external WFSs.
 	internal := &httputil.ReverseProxy{
-		Director:       proxyDirector,
-		ModifyResponse: proxyModifyResponse("/api/internal"),
+		Director:       proxyDirector(findProxy("internal")),
+		ModifyResponse: proxyModifyResponse("/api/internal/"),
 	}
 
 	internalAuth := all(