Ok, I found a solution to your login troubles. HAProxy was only redirecting HTTP to HTTPS on the root path (/), so any direct link or bookmark to an inner page over HTTP would stay on HTTP. Firefox correctly flags that as insecure when there’s a login form on the page.
I’ve fixed the redirect to cover all paths and also enabled HSTS so browsers will automatically upgrade to HTTPS going forward. Should be deployed now. Try reloading and let me know if it’s resolved.