Each target can now have an HTTP port with a checkbox to enable
automatic redirect to HTTPS. Configurable in WebUI and API.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
nginx:alpine symlinks access.log/error.log to /dev/stdout and
/dev/stderr by default, so tail reads nothing.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Derive secret_key from credentials instead of random generation,
so sessions survive container restarts and work across workers.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Session-based login page instead of HTTP Basic Auth
- /ca.crt download works without login for easy device access
- HTTP port (default 8080) redirects to HTTPS automatically
- Nginx access/error log viewer in WebUI
- API still supports Basic Auth for curl/scripts
- Logout button and log navigation in header
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Detailed CA import instructions for Chrome, Firefox, Android,
iOS/iPadOS, macOS, Windows, Linux
- /ca.crt endpoint for easy browser download (no auth required)
- Download button in WebUI header
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Nginx reverse proxy with WebUI and REST API for configuration
- Self-signed SSL certificate with own CA (100 years validity)
- Domain-based and IP/port-based routing
- Docker setup with host network mode
- All settings configurable via .env
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Stefan Hacker