frontend: Avoid streaming git tarballs to index-server

Created by: tsenart

The frontend currently streams all git-tarballs requested by zoekt-index-server.

This showed up in profiles as a CPU hog, due to the gzip compression happening in the middleware.

A more efficient alternative to this design is to respond to these requests with an HTTP 302 pointing to git-server, from which index-server would download the git tarball directly.

Question: Is there a good reason why index-server couldn't bypass the frontend entirely? It doesn't seem like there's any authN or authZ in these internal endpoints.