`force-ssl-redirect` by default?

[FrederikNJS]

What question do you have?:
Is it possible to enable force-ssl-redirect on Ingress resources by default?

I can see that you can enforce on each individual Ingress by setting ingress.kubernetes.io/force-ssl-redirect: "true" annotation on the Ingress, but I would like this to be the default behaviour, as I want all our Ingresses to be HTTPS only. I never want anyone to access any of our Ingresses using plain-text HTTP.

Of course if you were to set this to enabled by default, it would still make sense to be able to disable it per Ingress using the ingress.kubernetes.io/force-ssl-redirect: "false" annotation

Environment:

• Contour version: 1.32.0
• Kubernetes version: (use kubectl version): 1.30.13
• Cloud provider or hardware configuration: AWS EKS
• OS (e.g. from /etc/os-release): Bottlerocket OS 1.41.0

[github-actions]

Hey @FrederikNJS! Thanks for opening your first issue. We appreciate your contribution and welcome you to our community! We are glad to have you here and to have your input on Contour. You can also join us on our mailing list and in our channel in the Kubernetes Slack Workspace