Some questions/suggestions regarding the new user/auth for UI:
The Current milestone is for early adopters that don’t mind features not fully done and docs not fully written. I find it better than openHAB 2 already but I don’t use habpanel.
Hello,
i would to ask/propose a change. Previously the ui was under /paperui/index.html, but now the new ui (which is great by the way) lives at the root (/) of the server. This makes it totally impossible to put openhab behind reverse proxy. a typical use case is : having grafana and openhab on one server, and exposing these services thru apache/nginx.
Could the ui be hosted under a folder of some kind ? for instance /oh/*
Cheers,
Henri
The proper place to propose that is as a GitHub issue. Since OH3 has reached Milestone 1, I doubt it would be changed before OH4.
I think this would be the proper place.
oh okay. i suppose it will make oh unusable for many users including me then… 
i submitted the issue nontheless.
I think there are some non-breaking ways this could be implemented which would make it suitable for OH 3 at some point. But I’m not convinced it’s impossible to set up the reverse proxy to support it as it is. I’m pretty sure back when I was using that sort of reverse proxying I had the root OH Dashboard as well as Grafana behind the same proxy with Grafana at the root.
Now that LetsEncrypt supports wildcard certs now I just pay a little bit for a custom domain that supports reverse DNS and put the services higher up in the url, for example https://openhab.my.domain and https://calibre.my.domain.
Could you please explain your concerns in detail? My OH3 instance successfully runs behind a Traefik reverse proxy (which is, in fact, running behind an Apache2 reverse proxy). Thus, I cannot confirm this issue.
Best,
C.
thanks Christian for getting back to me. the problem is when you have multiple services on the server.
ideally i would put each service under a subpath like
/grafana
/openhab
etc.
but openhab is both located at the root of the webserver, and uses absolute paths. so i cannot relocate it under a subpath and share the same http server for grafana and oh. but maybe i missed smth ? 
That right there sounds like the issue to me. I usually try to avoid absolute paths on internal URLs.
Exactly. Traefik is the way to go ! In addition, automatic certificate generation/renewal per vhost!
There were some difficulties with relative paths but not so major, so it’s not out of the question to have it fixed eventually. In the meantime you can have multiple virtual hosts served by the same server.
No need to pay for certificate. Traefik can generate on the fly one certificate per vhost thanks to SNI !
I don’t pay for the certificate. I pay for the domain and use LetsEncrypt so I can have certificates that are issued by an already generally trusted CA. I don’t want to have to install the CA cert on all my client machines.
One possibility is to use subdomains for the different services, e.g. “openhab.iot.internal” and “grafana.iot.internal”. That’s the way I do it.
Otherwise you have to configure the reverse proxy to rewrite the paths. I think that all major webservers provide mechanisms for this.
Best,
C.
Traefik does that with letsencrypt of course
19 services, running on the same public IP, the same port, just with different host names and URLs, and a wildcard DNS record.
7 services, running on the same public IP, the same port, just different host names and URLs, and a wild card DNS record using HAProxy on pfSense. Traefik is a great product but it’s not like it’s the only one that can do that. Any reverse proxy can. But we are getting off topic for this thread.
Yeah of course it’s not the only one. The cool thing with it is that it’s mostly dynamic - associated with containers - nothing to configure manually by hand But true - off topic
i agree this is going a bit of topic. sorry for having triggered this. And thanks guys !
i did not think of multiple domains a little more complicated in particular with SSL in mind, but definitely doable!
cheers! and let’s get back on topic !
I think you mixed up OH and Openhabian? The latter is the operating system your RasPi runs and OH is a service on top of that, basically independend from the underlying OS. So yes, OH can be updated independently from Openhabian. But new prerequisites need to be fulfilled, e.g. Java needs to be upgraded to version 11 instead of version 8 as needed with OH 2.x.
Currently Openhabian does not support a migration of OH from 2.x to 3.0 yet as OH 3.0 is still in milestone state. But a migration is possible and intended. I did it manually on a spare RasPi and it looks promising. A migration will take over your existing configuration, as far as it makes sense/is possible. But as you stated you wanted to start from scratch: you may do that as well by taking a backup of your entire installation or at least your OH2 installation, uninstall OH2.x and install 3.0. Everything else should remain untouched that way.
IIRC there was talk to remove the DSLR rule engine in openhab 3.0. Is this still the case?
