[AAP-64061] Add nginx log markers and remove direct routes for Controller #2099

Closed
TheRealHaoLiu wants to merge 1 commit into ansible:devel from
TheRealHaoLiu:AAP-64061/nginx-log-markers-and-route-removal
@TheRealHaoLiu
Member

SUMMARY

Add nginx log markers for X-Trusted-Proxy and X-DAB-JW-Token headers to enable
detection of direct component access vs gateway-proxied requests in AAP 2.7.

Changes:

  • Add map directives in nginx http block to detect presence of X-Trusted-Proxy and X-DAB-JW-Token headers
  • Update log_format to append $trusted_proxy_present and $dab_jwt_present markers
  • Add explicit error_log /dev/stderr warn; directive
  • Remove redirect page configmap template and all references (install task, web deployment volume mount, volume definition, checksum annotation)

This is part of the broader effort to remove direct API access to platform components (ANSTRAT-1840).
The log markers enable the aap-detect-direct-component-access tool to identify requests
that bypass the AAP gateway.

ISSUE TYPE

  • New or Enhanced Feature

ADDITIONAL INFORMATION

Nginx log format before:

$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"

Nginx log format after:

$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for" $trusted_proxy_present $dab_jwt_present

The two new fields at the end will show:

  • trusted-proxy / - — whether the request has the X-Trusted-Proxy header (set by gateway)
  • dab-jwt / - — whether the request has the X-DAB-JW-Token header (set by gateway)

Requests showing - for both markers indicate direct component access that bypasses the gateway.
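
An added example, not part of this PR and not the aap-detect-direct-component-access tool: Python that parses lines in the "after" log format quoted above and sorts them by the two trailing markers. The function names, the `partial` and `unparsed` verdicts and the sample lines are assumptions of this example.

```python
import re
from collections import Counter

# Field order follows the "after" log_format quoted in the PR description.
# nginx's default log escaping writes a literal '"' as \x22, so [^"]* is safe.
# The markers record header presence only; they do not validate header values.
LINE_RE = re.compile(
    r'^(?P<addr>\S+) - (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\d+) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)" "(?P<xff>[^"]*)" '
    r'(?P<proxy>trusted-proxy|-) (?P<jwt>dab-jwt|-)$'
)

def classify(line):
    """Return (verdict, fields); verdict is gateway, direct, partial or unparsed."""
    m = LINE_RE.match(line.strip())
    if m is None:
        # Old-format lines have no markers; never count them as direct access.
        return "unparsed", None
    has_proxy = m["proxy"] == "trusted-proxy"
    has_jwt = m["jwt"] == "dab-jwt"
    if has_proxy and has_jwt:
        return "gateway", m.groupdict()
    if not has_proxy and not has_jwt:
        return "direct", m.groupdict()
    # One marker without the other is not covered by the PR text; the
    # "partial" bucket is this example's own choice, kept for manual review.
    return "partial", m.groupdict()

def summarize(lines):
    """Count verdicts and collect (addr, request) for direct-access lines."""
    counts, direct = Counter(), []
    for line in lines:
        verdict, fields = classify(line)
        counts[verdict] += 1
        if verdict == "direct":
            direct.append((fields["addr"], fields["request"]))
    return counts, direct

# Constructed sample lines (documentation addresses, invented requests).
SAMPLE = [
    '10.0.0.5 - - [12/Mar/2026:10:00:01 +0000] "GET /api/v2/jobs/ HTTP/1.1" 200 512 "-" "gateway" "192.0.2.10" trusted-proxy dab-jwt',
    '198.51.100.7 - - [12/Mar/2026:10:00:02 +0000] "GET /api/v2/ping/ HTTP/1.1" 200 87 "-" "curl/8.5.0" "-" - -',
    '10.0.0.5 - - [12/Mar/2026:10:00:03 +0000] "GET /api/v2/me/ HTTP/1.1" 401 40 "-" "gateway" "-" trusted-proxy -',
    '198.51.100.7 - - [12/Mar/2026:09:59:00 +0000] "GET /api/v2/ HTTP/1.1" 200 99 "-" "curl/8.5.0" "-"',
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

The last sample line uses the "before" format, so it lands in `unparsed` instead of being miscounted as direct access during a rollout where old and new log lines are mixed.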

…ller

Add map directives for X-Trusted-Proxy and X-DAB-JW-Token headers to
nginx log_format to enable detection of direct component access vs
gateway-proxied requests. Also add explicit error_log to stderr.

Remove the redirect page configmap and all its references from
web deployment template and install tasks, as direct access to
controller should no longer be supported.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@TheRealHaoLiu
Member Author

Closing — this PR combined nginx log markers and redirect page removal. Splitting into separate PRs. Nginx log markers: see new PR.
