Authentication in OH2

I am just wondering how the discussion and proposed PR in "Add support for conditional access based on user role · Issue #579 · eclipse-archived/smarthome · GitHub" will impact the usage of the iOS openHAB app.

As far as I understand things, opting for an nginx + certbot + basic HTTP authentication setup effectively means that only the Basic, Classic or other web-based GUIs can be used, right?

Also, for me the only reason to use nginx is to facilitate the automatic certbot-driven certificate renewals, which is not that friendly/easy when directly integrating certbot-generated certificates in the Jetty config of openHAB ("Securing Openhab with free ssl Let's Encrypt Certificates" and "Create openHAB (Jetty) keystore from OpenSSL certificate/key pair · GitHub", and "SSL with OpenHAB2 - #2 by Stratehm"). Since certbot is a good initiative that we/anyone should support, we should maybe introduce a new servlet in openHAB to accommodate the automatic renewals. This sounds a lot like the OH1 "webapps" stuff which we do not use anymore in OH2 (well, static HTML can be put in conf/html but is not served through the hidden URL / well-known).