Use http.Transport for non-TLS backends (HTTP/1.1 support)

The h2c-only transport (http2.Transport) fails against backends like
Gitea that only speak HTTP/1.1. Switch to standard http.Transport for
non-TLS backends, which handles HTTP/1.1 natively and can upgrade to
h2c if the backend supports it.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

internal/l7/serve.go

@@ -186,16 +186,16 @@ func newTransport(route RouteConfig) (http.RoundTripper, error) {
 		}, nil
 	}
 
-	// h2c: HTTP/2 over plaintext TCP.
+	// Plain HTTP backend. Use standard http.Transport which speaks
-	return &http2.Transport{
+	// HTTP/1.1 by default and can upgrade to h2c if the backend
-		AllowHTTP: true,
+	// supports it. This handles backends like Gitea that only speak
-		DialTLSContext: func(ctx context.Context, network, addr string, _ *tls.Config) (net.Conn, error) {
+	// HTTP/1.1.
-			conn, err := dialBackend(ctx, network, addr, connectTimeout, route)
+	return &http.Transport{
-			if err != nil {
+		DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
-				return nil, err
+			return dialBackend(ctx, network, addr, connectTimeout, route)
-			}
-			return conn, nil
 		},
+		MaxIdleConnsPerHost: 10,
+		IdleConnTimeout:     90 * time.Second,
 	}, nil
 }