fix: remove default 'REVERSE_PROXY_TRUSTED_PROXIES = *' from docker config (#12782)

Forgejo's docker containers had `REVERSE_PROXY_TRUSTED_PROXIES = *` configured in them by default.  In the event that the Forgejo sysadmin set the docker environment variable `FORGEJO__service__ENABLE_REVERSE_PROXY_AUTHENTICATION` to the value `true`, *and* an unauthorized user could access Forgejo without traversing a reverse proxy performing authentication, then an unauthorized user could use the `X-WebAuth-User` HTTP header to impersonate any user.  While this is an unlikely set of configuration settings, it seems more prudent for the Forgejo to require a sysadmin to choose an appropriate value for `REVERSE_PROXY_TRUSTED_PROXIES`.  Even in a containerized environment, this value can be used safely and set to reasonable values if firewall-level networking is in use (eg. using [Docker with iptables](https://docs.docker.com/engine/network/firewall-iptables/)), which is the common default for docker systems in 2026.

The intent of this PR is to change the default in Forgejo 16, and to mark it as a breaking change for highlighting in the release notes.  The risk of misconfiguration is not high enough to backport this breaking change to earlier Forgejo releases.

If a sysadmin wants to use the previous configuration, they can set the environment variable `FORGEJO__service__REVERSE_PROXY_TRUSTED_PROXIES` to the value `*`, but it would be recommended that they revise the setting to a narrower set of trusted IPs that they expect reverse proxy connections from.  See the [`[security]`](https://forgejo.org/docs/latest/admin/config-cheat-sheet/#security-security) config block for more information.

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [x] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change.
- [ ] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12782
Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>

docker/root/etc/templates/app.ini

@@ -52,7 +52,6 @@ ROOT_PATH = /data/gitea/log
 INSTALL_LOCK = $INSTALL_LOCK
 SECRET_KEY   = $SECRET_KEY
 REVERSE_PROXY_LIMIT = 1
-REVERSE_PROXY_TRUSTED_PROXIES = *
 
 [service]
 DISABLE_REGISTRATION = $DISABLE_REGISTRATION

docker/rootless/etc/templates/app.ini

@@ -49,7 +49,6 @@ ROOT_PATH = $GITEA_WORK_DIR/data/log
 INSTALL_LOCK = $INSTALL_LOCK
 SECRET_KEY   = $SECRET_KEY
 REVERSE_PROXY_LIMIT = 1
-REVERSE_PROXY_TRUSTED_PROXIES = *
 
 [service]
 DISABLE_REGISTRATION = $DISABLE_REGISTRATION