[breaking-change] Listen only on localhost by default.

It is expected that in most deployments, a reverse proxy server like
Caddy or Nginx will be connecting to Caddy; listening on any address
by default is a privacy and security concern.

conf/Caddyfile

@@ -25,11 +25,5 @@ https://, http:// {
 		on_demand
 	}
 
-	# initial PUT/POST for a new domain has to happen over HTTP
-	@upgrade `method('GET') && protocol('http')`
-	redir @upgrade https://{host}{uri} 301
-
 	reverse_proxy http://localhost:3000
-	header Alt-Svc `h3=":443"; persist=1, h2=":443"; persist=1`
-	encode
 }

conf/config.example.toml

@@ -6,9 +6,9 @@ log-level = "info"
 
 [server]
 # Use "-" to disable the handler.
-pages = "tcp/:3000"
-caddy = "tcp/:3001"
-metrics = "tcp/:3002"
+pages = "tcp/localhost:3000"
+caddy = "tcp/localhost:3001"
+metrics = "tcp/localhost:3002"
 
 [[wildcard]] # non-default section
 domain = "codeberg.page"

src/config.go

@@ -74,9 +74,9 @@ type Config struct {
 }
 
 type ServerConfig struct {
-	Pages   string `toml:"pages" default:"tcp/:3000"`
-	Caddy   string `toml:"caddy" default:"tcp/:3001"`
-	Metrics string `toml:"metrics" default:"tcp/:3002"`
+	Pages   string `toml:"pages" default:"tcp/localhost:3000"`
+	Caddy   string `toml:"caddy" default:"tcp/localhost:3001"`
+	Metrics string `toml:"metrics" default:"tcp/localhost:3002"`
 }
 
 type WildcardConfig struct {