remove global TLS enable/disable setting

[pgier]

The behavior of this setting is a bit confusing

global:
  tls:
    enabled: false

If it's set to false it acts as a global override, but if it's set to true then it allows sub-resources to enable their TLS settings. I think it would be simpler if this option was just removed, and we just enable TLS on the components that need it.