ACME: TLS-ALPN-01 challenge support
- [x] I have read this document: https://miniflux.app/opinionated.html#feature-request
Due to the high cost of IPv4 addresses, I have to share an IPv4 address across multiple different services, with each service getting its own dedicated IPv6 address and a private IPv4 address (with NAT), and an nginx reverse proxy in front of everything that terminates TLS.
I've recently started looking into using an SNI proxy for IPv4 (such as snid) to pass TLS connections directly through to the service without terminating TLS. This requires that all connections made to the backend service use TLS. Miniflux's integrated ACME support for automatically obtaining certificates currently only supports the HTTP-01 challenge type, which unfortunately won't work with this setup. The TLS-ALPN-01 challenge type works purely at the TLS layer and will work with an SNI proxy like this.
I understand the desire to avoid bloat, so if adding an additional flag to support this is a concern, I'm wondering if it may actually make sense to replace the existing HTTP-01 challenge support with this instead. This would also eliminate the need for Miniflux to ever listen on port 80.
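What answering a TLS-ALPN-01 validation involves on the server side, as an added example (not code from Miniflux or from the original post): per RFC 8737 the CA connects with ALPN `acme-tls/1` and the domain as SNI, and expects a self-signed certificate carrying the SHA-256 of the key authorization in a critical `acmeIdentifier` extension. It uses only the Go standard library; `challengeCert`, `selectCert`, the domain and the key authorization string are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

const acmeALPN = "acme-tls/1"                                             // ALPN protocol ID (RFC 8737)
var acmeIdentifierOID = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 31} // id-pe-acmeIdentifier

// challengeCert builds the self-signed validation certificate for one domain (hypothetical helper).
func challengeCert(domain, keyAuth string) (*tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	sum := sha256.Sum256([]byte(keyAuth))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{domain},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		ExtraExtensions: []pkix.Extension{{Id: acmeIdentifierOID, Critical: true,
			Value: append([]byte{0x04, 0x20}, sum[:]...)}}} // DER OCTET STRING wrapping the digest
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// selectCert is the choice a tls.Config.GetCertificate callback makes (hypothetical helper).
func selectCert(h *tls.ClientHelloInfo, domain string, regular, challenge *tls.Certificate) *tls.Certificate {
	if len(h.SupportedProtos) == 1 && h.SupportedProtos[0] == acmeALPN && h.ServerName == domain {
		return challenge // validation handshake: ALPN is exactly acme-tls/1 and SNI matches
	}
	return regular
}

func main() {
	c, err := challengeCert("rss.example.org", "token.thumbprint") // constructed sample values
	hello := &tls.ClientHelloInfo{ServerName: "rss.example.org", SupportedProtos: []string{acmeALPN}}
	fmt.Println("challenge cert selected:", err == nil && selectCert(hello, "rss.example.org", nil, c) == c)
}
```

In a real listener the `tls.Config` must also list `acme-tls/1` in `NextProtos` so that the protocol is actually negotiated, which the validating CA checks. Nothing here touches port 80 or HTTP, which is why the handshake can pass through an SNI proxy unchanged.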