3a96e6d7e7
adding secure middleware to enforce security headers, most of the options can be configured via env variables adding prefix for mcs env variables adding http redirect to https, adding csp report only, etc solving conflicts passing tls port configured by cli to secure middleware update go.sum adding default port, tlsport, host and tlshostname fix tlsport bug