Add TLS for rdio-scanner hosts with a FQDN

Ideally internet-accessible rdio-scanner hosts will have TLS via Let's Encrypt. Perhaps try the community.general.fqdn_valid test to enable Let's Encrypt install/configuration if the rdio-scanner host is a domain name. We should also short-circuit this check with some sort of never_use_tls variable defaulted to false, in case this is a local-only setup that uses internal DNS or the local hosts file.

fqdn_valid test: https://docs.ansible.com/ansible/latest/collections/community/general/fqdn_valid_test.html

Either set up a cron job for automatic cert renewal, or have a third kind of task tag just to manually renew the cert.