Implement HTTP-only mode

This is very useful for reserve proxies
in cases when TLS passthrough is not desired.

config/assets/test_config.toml

@@ -9,6 +9,7 @@ mainDomain = 'codeberg.page'
 rawDomain = 'raw.codeberg.page'
 allowedCorsDomains = ['fonts.codeberg.org', 'design.codeberg.org']
 blacklistedPaths = ['do/not/use']
+httpOnlyMode = false
 
 [gitea]
 root = 'codeberg.org'

config/config.go

@@ -18,6 +18,7 @@ type ServerConfig struct {
 	PagesBranches      []string
 	AllowedCorsDomains []string
 	BlacklistedPaths   []string
+	HttpOnlyMode       bool   `default:"false"`
 }
 
 type GiteaConfig struct {

config/setup.go

@@ -84,6 +84,9 @@ func mergeServerConfig(ctx *cli.Context, config *ServerConfig) {
 	if ctx.IsSet("blacklisted-paths") {
 		config.BlacklistedPaths = ctx.StringSlice("blacklisted-paths")
 	}
+	if ctx.IsSet("http-only-mode") {
+		config.HttpOnlyMode = ctx.Bool("http-only-mode")
+	}
 
 	// add the paths that should always be blacklisted
 	config.BlacklistedPaths = append(config.BlacklistedPaths, ALWAYS_BLACKLISTED_PATHS...)