Same question here. It makes little sense to have OIDC if my frontend is still able to be bruteforced. Spinning up some container proxy just to regulate access to unraid with ANOTHER layer of OIDC just feels dumb when a "only allow password login from these IP-Ranges" could literally solve this.