Oh, I'm trying to keep my StartOS config as "dumb" as possible, so I only try to mess with configuration via the web UI, and it doesn't expose the option of changing the protocol for CLNRest, just enabling/disabling the whole plugin. Guess they leave that HTTPS-default, which makes sense as they are/have added clearnet-support for StartOS.