Only add HTTPS redirect when it's needed

ansible/host_vars/casey.yml

@@ -1,3 +1,5 @@
 nebula_is_lighthouse: true
 nebula_listen_port: "{{ nebula_lighthouse_port }}"
 ssh_extra_allowed_users: f2b@{{ nebula.cidr }} f2b@{{ pve_hosts.internal_cidr }}
+
+nginx_https_redirect: true

ansible/host_vars/ingress.yml

@@ -1,2 +1,4 @@
 # Listen on a static port so it can be opened in the firewall
 nebula_listen_port: "{{ nebula_lighthouse_port }}"
+
+nginx_https_redirect: true

ansible/roles/nginx/defaults/main.yml

@@ -0,0 +1 @@
+nginx_https_redirect: false

ansible/roles/nginx/tasks/main.yml

@@ -36,3 +36,4 @@
     mode: "0644"
   become: true
   notify: reload nginx
+  when: nginx_https_redirect