Need both HTTP and HTTPS with client cert auth to work, and without HTTPS redirection

I’m setting up a GitLab instance for my company. Getting it functional was simple, but my use case really needs both HTTPS with client cert and regular HTTP to work at the same time, without any HTTP -> HTTPS redirection.

We want to use plain HTTP internally on our LAN, but we have some remote workers that we want to use it via HTTPS and with client certificate auth. I have client cert auth working just fine, but it seems that GitLab allows only one or the other method of connection.

Can I not use plain HTTP and HTTPS at the same time? We really do not want to mess with requiring certificates internally if we can help it. We only want to secure the internet-facing HTTPS.