Adding a pull-through proxy should not disable auth

[shaunco]

Pull-through proxies are used to bring in additional images during reads from the upstream proxy, but only if the requested image is not found locally. Image pushes do not use the proxy, and always write locally. As such, this block of the config template makes no sense:

https://github.com/balena-io/open-balena-registry/blob/5672e4658634866de34929f927d566833e763ba8/config/confd/templates/docker-registry.yml.tmpl#L18C18-L30

{{if eq (getenv "REGISTRY2_PROXY_ENABLED" "false") "true"}}
proxy:
  remoteurl: {{getenv "REGISTRY2_PROXY_REMOTE_URL" "https://registry-1.docker.io"}}
  username: {{getenv "REGISTRY2_PROXY_USERNAME"}}
  password: {{getenv "REGISTRY2_PROXY_PASSWORD"}}
{{else}}
auth:
  token:
    service: {{getenv "REGISTRY2_HOST"}}
    realm: {{getenv "REGISTRY2_TOKEN_AUTH_REALM"}}
    issuer: {{getenv "REGISTRY2_TOKEN_AUTH_ISSUER"}}
    rootcertbundle: /tmp/registry-tokenauth.crt
{{end}}

Auth should not be disabled simply because a pull-through proxy is defined.