puppet: Default go-camo to listening on localhost for standalone deploys.

The default in the previous commit, inherited from camo, was to bind
to 0.0.0.0:9292.  In standalone deployments, camo is deployed on the
same host as the nginx reverse proxy, and as such there is no need to
open it up to other IPs.

Make `zulip::camo` take an optional parameter, which allows overriding
it in puppet, but skips a `zulip.conf` setting for it, since it is
unlikely to be adjust by most users.

puppet/zulip/manifests/camo.pp

@@ -1,4 +1,4 @@
-class zulip::camo {
+class zulip::camo (String $listen_address = '0.0.0.0') {
   # TODO/compatibility: Removed 2021-11 in version 5.0; these lines
   # can be removed once one must have upgraded through Zulip 5.0 or
   # higher to get to the next release.

puppet/zulip/manifests/localhost_camo.pp

@@ -1,5 +1,7 @@
 class zulip::localhost_camo {
-  include zulip::camo
+  class { 'zulip::camo':
+    listen_address => '127.0.0.1',
+  }
 
   # Install nginx configuration to run camo locally
   file { '/etc/nginx/zulip-include/app.d/camo.conf':

puppet/zulip/templates/supervisor/go-camo.conf.erb

@@ -1,5 +1,5 @@
 [program:go-camo]
-command=<%= @bin %> --listen=0.0.0.0:9292 -H "Strict-Transport-Security: max-age=15768000" -H "X-Frame-Options: DENY" --verbose
+command=<%= @bin %> --listen=<%= @listen_address %>:9292 -H "Strict-Transport-Security: max-age=15768000" -H "X-Frame-Options: DENY" --verbose
 environment=GOCAMO_HMAC="<%= @camo_key %>"
 priority=15
 autostart=true

puppet/zulip_ops/manifests/camo.pp

@@ -1,5 +1,7 @@
 class zulip_ops::camo {
-  include zulip::camo
+  class { 'zulip::camo':
+    listen_address => '0.0.0.0',
+  }
 
   zulip_ops::firewall_allow { 'camo': port => '9292' }
 }