Add support for disabling force_ssl for SSL-terminating reverse proxies

[ezekg]

See: maybe-finance/maybe#308. Campfire does the below in config/environments/production.rb, so we should follow suite:

# Always be SSL'ing (unless told not to)
config.assume_ssl = ENV["DISABLE_SSL"].blank?
config.force_ssl  = ENV["DISABLE_SSL"].blank?

Ref: https://github.com/keygen-sh/campfire/blob/f75357eca673fe6f0dce8d5ee98b5d891d330b86/config/environments/production.rb#L58-L60

[ezekg]

It's worth mentioning that any well-behaved reverse proxy should be setting the X-Forwarded-* headers. Namely, X-Forwarded-Proto, which Rails uses to determine if the request is coming from an TLS-terminating reverse proxy. If X-Forwarded-Proto: https, then Rails will NOT redirect the request, because it knows it's coming from a TLS-terminating reverse proxy. So the only case where config.force_ssl = false is actually needed is for misbehaving reverse proxies.

Not needed: maybe-finance/maybe#308 (comment).