<?php

function main($params) {
  $bucket = 'hogehoge';
  $hash = $params['hash'];

  $url = 'http://s3-ap-northeast-1.amazonaws.com/'.$bucket.'/'.$hash;

  header ('X-Accel-Redirect: /reploxy');
  header ('X-Reproxy-URL: '.$url);
}

// エントリポイント
main($_REQUEST);

nginx の 設定

server {

    listen       80;
    server_name  hoge_site.com;

    access_log  /var/log/nginx/hoge_site.access.log  main;
    error_log   /var/log/nginx/hoge_site.error.log;

    root   /var/www/html/hoge_site/public_html;


    error_page  404              /404.html;
    location = /404.html {
        root   /usr/share/nginx/html;
    }

    location / {
        index  index.html;
    }

    location /reploxy {
        internal;
        resolver 8.8.8.8;
        set $reproxy  $upstream_http_x_reproxy_url;
        proxy_pass $reproxy;
        proxy_set_header  Authorization "";
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {

        try_files $uri =404;
        fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one

    location ~ /\.ht {
        deny  all;
    }

}