From: "Omar Polo"
Subject: Re: gotwebd website support
To: Stefan Sperling
Cc: gameoftrees@openbsd.org
Date: Fri, 19 Dec 2025 16:10:53 +0100

Stefan Sperling wrote:
> On Tue, Dec 09, 2025 at 01:27:39PM +0100, Stefan Sperling wrote:
> > Thinking about this some more, I think you are right that we should
> > allow authentication for websites to be configured by the user.
> >
> > The website and authentication features are orthogonal, i.e. there are
> > no bad side effects from flipping them on/off independently.
> >
> > When authentication settings are inherited from global or server scope,
> > not having them apply inside a website block might be surprising. When
> > authentication is enabled globally, we will probably be going to meet
> > user expectations better when they have to type 'disable authentication'
> > explicitly before a website is exposed.
> >
> > And there will probably be use cases for having authentication enabled
> > for websites. E.g. blocking crawlers temporarily, reviewing websites
> > that are still in draft stage among a private group of people, and
> > restricting access to private information related to a project where
> > this information is displayed on a website for convenience.
> >
> > There would be little maintenance effort for us to support this.
> > We could make website blocks embed 'enable authentication' and 'disable
> > authentication' statements much like repository config blocks do, using
> > the same inheritance semantics.
>
> Diff for the above.
>
> ok?

sorry for the delay; only lightly tested so far but ok op@

will continue testing the hell out of it before next release :)

Thanks!

Omar Polo