fastcgi: Parse address from fastcgi directive, pass results to Dial()

This allows scheme prefixes "tcp://" and "fastcgi://" in configuration.

Fixes #540

wrap lines to 80

also update copyright year.

Challenge names now have their own type and constants

proxy: add a insecure_skip_verify option - closes #320

letsencrypt: Fix perm of user key

gzip: Add .svg to default ext list

Also only set custom address if alternate port is specified (rather than using a blank address; just cleaner this way)

gzip: Fix for wrong content-type when templates is used.

This change fixes the scenario where you reload the config and it tries to obtain a cert from the ACME server, but no email address is found or terms have not been agreed to in-process. This is unfortunate but it should not stop the server from reloading, so we assume empty email address in this case.

This prevents serving HTTPS over port 80 or HTTP over 443. It's confusing and we don't allow it.

It is unexpected to serve localhost on port 443 or any server on 443 if TLS is disabled, even if the port is blank. Also don't warn about how to force TLS on the HTTP port.

The docs link to this structure and all its methods related to the browse template; keeping them together makes it possible to link to the whole block of code that is relevant.

Doesn't test the SkipInsecureVerify proxy setting, but that can be done at another time.