Middleware for redirecting service basepath to PathPrefix

This does not work, as stated before.

GUI web apps usually send links for redirects, scripts, images with absolute paths (/login, /scripts/, /img/). Removing a prefix is easy, but adding a prefix for an unknown target is impossible. (How should middleware know if /login should be /graf/login or /node/login)

This only works if all those apps allow to configure some kind of "base path".

Alternative approach to avoid LE limits: switch the order of the sub-domains:


Then you only need 4 wildcard TLS certificates.