feat: add trust_forwarded_proto option for SSL redirect handling in reverse proxy scenarios

When Nginx is behind another proxy server (like CloudFlare or AWS ALB), the force-SSL
feature can cause redirect loops because Nginx sees the connection as plain HTTP
while SSL is already handled upstream. This adds a new boolean option to trust
the X-Forwarded-Proto header from upstream proxies.

Changes:
- Add `trust_forwarded_proto` column to proxy_host table (migration)
- Update model and API schema to support the new boolean field
- Modify force-ssl Nginx template to check X-Forwarded-Proto/X-Forwarded-Scheme
- Add map directives in nginx.conf to validate and sanitize forwarded headers
- Add advanced option toggle in frontend UI with i18n support (EN/ZH)
- Set proxy headers from validated map variables instead of $scheme

This allows administrators to control SSL redirect behavior when Nginx is deployed
behind a TLS-terminating proxy.

backend/schema/paths/nginx/proxy-hosts/hostID/put.json

@@ -56,6 +56,9 @@
 						"hsts_subdomains": {
 							"$ref": "../../../../components/proxy-host-object.json#/properties/hsts_subdomains"
 						},
+						"trust_forwarded_proto": {
+    						"$ref": "../../../../components/proxy-host-object.json#/properties/trust_forwarded_proto"
+						},
 						"http2_support": {
 							"$ref": "../../../../components/proxy-host-object.json#/properties/http2_support"
 						},

backend/schema/paths/nginx/proxy-hosts/post.json

@@ -48,6 +48,9 @@
 						"hsts_subdomains": {
 							"$ref": "../../../components/proxy-host-object.json#/properties/hsts_subdomains"
 						},
+						"trust_forwarded_proto": {
+    						"$ref": "../../../components/proxy-host-object.json#/properties/trust_forwarded_proto"
+						},
 						"http2_support": {
 							"$ref": "../../../components/proxy-host-object.json#/properties/http2_support"
 						},