issue 23628 admin site api

[wezell]

ref: #23628

This PR creates the idea of a canonical ADMIN_SITE_URL which is the URL that is used to manage the site. If that config variable is set then any admin URLs, e.g. /dotAdmin will not be available on any other domain that points to the site. It will also automatically set the x-robots-tag: noindex, nofollow on any site that is marked as admin as well.

The ADMIN_SITE_URL can only be set as a ENV or system config variable.

Lots of config switches:

• ADMIN_SITE_ENABLED : boolean. This functionality is disabled by default and can be enabled by setting this variable to true
• ADMIN_SITE_URL : String. the main canonical url for all admin requests - this is protocol :// domain (:optional port), e.g. https://admin.dotcms.com or https://my.supersite.com:8443.
• ADMIN_SITE_REQUESTS_FORCE_SECURE : boolean. defaults to false, can be set to force https (or 8082) for all admin requests
• ADMIN_SITE_REQUEST_HEADERS : comma separate list. response headers to add to request to admin sites. Defaults to x-robots-tag: noindex, nofollow
• ADMIN_SITE_REQUEST_DOMAINS: comma separate list. domains that should be considered as "admin only" domains. These values are automatically added to this list:

"dotcms.com",
"dotcms.site",
"dotcms.io",
"dotcms.host",
"dotcms.cloud",
"dotcmscloud.com",
"localhost"

• ADMIN_SITE_REQUEST_DOMAINS_EXCLUDE : comma separate list. remove these domains from the list of admin domains
• ADMIN_SITE_REQUEST_URIS : comma separate list. uris that should be considered as "admin only" uris. These values are already added to this list:

"/html/",
"/admin/",
"/c/",
"/servlets/",
"/categoriesservlet/",
"/dwr/",
"/dotajaxdirector",
"/dotscheduledjobs",
"/dotadmin/",
"/jsontags/",
"/edit/",
"/servlet/"

• ADMIN_SITE_REQUEST_URIS_EXCLUDE : comma separate list. Remove these URIS as admin URIs