Right now we have the --address flag which sets the listen address for Coder. I propose we add a new flag --https-address (CODER_HTTPS_ADDRESS) and change the behavior of coderd to the following:

If neither flag is set or ONLY --address is set, and TLS certs ARE NOT specified:

• Listen on HTTP at --address (or default)

If neither flag is set or ONLY --address is set, and TLS certs are specified:

• Listen on HTTPS only at --address (or default)

If --https-address is set and --address is NOT:

• Require that TLS certs are set or fatally exit
• Listen on HTTPS only at --https-address

If BOTH --https-address and --address are set:

• Require that TLS certs are set or fatally exit
• Listen on HTTPS at --https-address
• Listen on HTTP at --address

I believe this be backwards compatible by keeping the same behavior around --address on it's own, while only introducing the new behavior when --https-address is specified.