reggie: Allow pushes from clients on the cluster network

Output the cluster pod and service subnets from terraform. They are set as environment variables $CR_CLUSTER_SUBNET and $CR_CLUSTER_SERVICE_SUBNET respectively.

Add an http-snippet to the ingress-nginx config that uses a geo directive to set a variable called $is_cluster_subnet based on the client IP and the aforementioned subnets. This variable is then used in reggie's ingress server-snippet to conditionally restrict the HTTP method allowed.