SpawnWP 0.3.0

This release removes HTTP Basic Auth. The cockpit is protected by mandatory SpawnWP authentication over HTTPS.

Upgrades validate and reload the revised Nginx configuration before deleting legacy Basic Auth state. Existing services are preserved. A pre-migration Nginx copy is retained as /etc/nginx/sites-available/spawnwp.pre-0.3.0 for manual recovery.

Authentication endpoints now have an additional Nginx rate limit. Adminer and Mailpit remain protected by the cockpit session through Nginx auth_request.