
Filter '/-/' path from externally visible nginx endpoints

username-removed-676946 requested to merge nginx_filters_hidden_paths into master

Currently we protect the metrics and healthcheck endpoints via a special token that is required to access them. This token is burdensome to change and manage. It is not entirely safe, since that token can easily be leaked via tools not meant to hold secrets.

This MR introduces blocking of the healthcheck and metric endpoints prefixed with '/-/' from hosts other than localhost, with the additional caveat that no X-Forwarded-For header may be present.

/cc: @pcarranza @bjk-gitlab @marin

Related to: gitlab-ce#29118

Edited by username-removed-676946
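The rule described in the MR, written out as an added nginx example (not the MR's own configuration): requests for `/-/`-prefixed paths are served only when the client address is loopback and the request carries no `X-Forwarded-For` header, which a proxied request would have. The `gitlab-workhorse` upstream name, the server name, the 404 status and the separate `map` for the header check are assumptions.

```nginx
# Added example, not the MR's code. The map must live at http{} level;
# it yields 1 whenever an X-Forwarded-For header is present at all.
map $http_x_forwarded_for $hidden_path_forwarded {
    default 1;
    ""      0;
}

server {
    listen 80;
    server_name gitlab.example.com;   # assumed hostname

    # Hidden metrics/healthcheck endpoints live under '/-/'.
    location ~ ^/-/ {
        # A request that came through any proxy (even a local one) carries
        # X-Forwarded-For, so its real origin is unknown: hide the endpoint.
        if ($hidden_path_forwarded) {
            return 404;               # assumed status; deny all yields 403
        }
        # Only direct connections from the box itself may reach them.
        allow 127.0.0.0/8;
        allow ::1;
        deny  all;
        proxy_pass http://gitlab-workhorse;   # assumed upstream name
    }

    location / {
        proxy_pass http://gitlab-workhorse;   # assumed upstream name
    }
}
```

Verify after reloading: a local `curl -H 'X-Forwarded-For: 10.0.0.5' http://127.0.0.1/-/metrics` should now be refused, while the same request without the header still succeeds.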
