roles: strict truthy values

According to Ansible we can use yes, true, True, "or any quoted st-
ring" for a boolean true, but ansible-lint wants us to use either
true or false.

See: https://chronicler.tech/red-hat-ansible-yes-no-and/

roles/nginx/templates/https.j2

@@ -1,7 +1,7 @@
 {# helper variables and per-site defaults that we can't set in role defaults #}
 {% set domain_name       = item.domain_name %}
-{# assume HSTS is off unless a vhost explicitly sets it to True #}
-{% set enable_hsts       = item.enable_hsts | default(False) %}
+{# assume HSTS is off unless a vhost explicitly sets it to true #}
+{% set enable_hsts       = item.enable_hsts | default(false) %}
 
     {# first, check if the current vhost has a custom cert (perhaps self-signed) #}
     {% if item.tls_certificate_path is defined and item.tls_key_path is defined %}
@@ -31,7 +31,7 @@
     ssl_prefer_server_ciphers on;
 
     {# OSCP stapling only works with real certs #}
-    {% if use_letsencrypt == True or item.tls_certificate_path %}
+    {% if use_letsencrypt == true or item.tls_certificate_path %}
     # OCSP stapling...
     ssl_stapling on;
     ssl_stapling_verify on;
@@ -47,7 +47,7 @@
     # of such infrastructure, consider turning off session tickets:
     ssl_session_tickets off;
 
-    {% if enable_hsts == True %}
+    {% if enable_hsts == true %}
     # Enable this if you want HSTS (recommended, but be careful)
     # Include all subdomains and indicate to Google that we want this pre-loaded in Chrome's HSTS store
     # See: https://hstspreload.appspot.com/