Route CoinGecko via the in-cluster pricing proxy

[TaprootFreak]

Summary

• The api always called `pro-api.coingecko.com` directly with a query-string-keyed Pro key. That works on its own but cache-poisons any HTTP-cache that keys on the URL, and it bypasses the central pricing proxy that already holds the upstream key, runs a 60 s shared cache, and validates upstream error envelopes.
• New `COINGECKO_BASE_URL` env var: when set, requests go to that origin (typically the pricing proxy) and no auth header is added — the proxy injects the key.
• `COINGECKO_API_KEY` remains supported as a direct fallback. Calls now route to `pro-api.coingecko.com` via the `x-cg-pro-api-key` header instead of the cache-unfriendly `x_cg_pro_api_key` query string.
• Bootstrap requires at least one of the two so the service does not silently come up unauthenticated.

Resolution priority

1. `COINGECKO_BASE_URL` set → proxy mode, no key sent from this service.
2. `COINGECKO_API_KEY` set → `pro-api.coingecko.com` + `x-cg-pro-api-key` header.

Test plan

• Build (`npm run build`) passes locally.
• Deploy to dev with `COINGECKO_BASE_URL=http://pricing-proxy:8080/coingecko\` and no `COINGECKO_API_KEY` — confirm price fetches still log success.
• Backwards compat: with only `COINGECKO_API_KEY` set, confirm calls still resolve via `pro-api.coingecko.com`.
• Bootstrap: starting the api with neither var set must throw `COINGECKO_API_KEY or COINGECKO_BASE_URL must be set`.