feat(caddy): support HTTPS upstreams via https:// prefix

When a route's upstream starts with https://, buildCaddyfile emits a
transport http { tls_insecure_skip_verify } block so Caddy connects over TLS
and accepts the self-signed certificate typical of backends like Semaphore.
Added a UI hint explaining the https:// prefix.

ARCHITECTURE.md

@@ -464,6 +464,9 @@ Manual:  POST /api/semaphore/trigger/{bookingId}  body { type: 'setup'|'teardown
 buildCaddyfile():
   { local_certs }                          # global block
   per custom route { [encode] [tls internal] reverse_proxy <upstream> }
+  upstream prefixed with https:// → reverse_proxy gets a
+    transport http { tls_insecure_skip_verify } block
+    (for self-signed TLS backends like Semaphore)
 
 importCaddyfileRoutes():  reads /etc/caddy/Caddyfile on first Caddy enable
   parses hostname/upstream blocks → seeds caddy table as custom routes