feat(caddy): support HTTPS upstreams via https:// prefix

When a route's upstream starts with https://, buildCaddyfile emits a
transport http { tls_insecure_skip_verify } block so Caddy connects over TLS
and accepts the self-signed certificate typical of backends like Semaphore.
Added a UI hint explaining the https:// prefix.

server.ts

@@ -82,7 +82,17 @@ function buildCaddyfile(): string {
     lines.push(`${route.hostname} {`);
     if (route.compress) lines.push('    encode zstd gzip');
     if (route.tls) lines.push('    tls internal');
-    lines.push(`    reverse_proxy ${route.upstream}`);
+    if (/^https:\/\//i.test(route.upstream)) {
+      // HTTPS upstream (e.g. Semaphore) — connect over TLS and skip certificate
+      // verification, since such backends typically use a self-signed cert.
+      lines.push(`    reverse_proxy ${route.upstream} {`);
+      lines.push('        transport http {');
+      lines.push('            tls_insecure_skip_verify');
+      lines.push('        }');
+      lines.push('    }');
+    } else {
+      lines.push(`    reverse_proxy ${route.upstream}`);
+    }
     lines.push('}', '');
   }