As an Administrator, I want that all public traffic to the LokiStack gateway is using exclusively the HTTPS protocol and traffic to the gateway k8s service is re-encrypted using a reencrypt termination policy.

Acceptance criteria

• The Loki-Operator reconciles only an HTTPS route for the LokiStack gateway
• The HTTPS route is using reencrypt termination policy.

Developer Notes

• Adapt the current route spec to use a TLS termination policy re-encrypt. Means TLS termination is done by the router and https is used to communicate with the backend.
• Expose a new lokistack gateway server for the `tls.server` listener that is annotated with a cert-signing annotation, e.g.

  service.beta.openshift.io/serving-cert-secret-name: lokistack-dev-gateway-http

• Ensure the observatorium-api exposes the API only via HTTPS on port 8080, e.g.:

  -tls.server.cert-file
  -tls.server.key-file 

• Ensure the observatorium-api allows healthchecks on port 8080 via HTTPS, e.g.:

  -tls.healthchecks.server-ca-file
  -tls.healthchecks.server-name
  

• Ensure all CA references are using the auto-mountend service-ca provided by the ServiceCAOperator (See more details on the docs)

   /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
  

• Ensure TLS for the server listener on port 8080 can be enabled/disabled via feature flag like with the mertrics listener.