But most people don't want or know how to automate. HTTPS is supposed to be used on very site but not every site is setup by a developer. That's a basic flaw that will make it problematic to have these kinds of HTTPS-only policies.

Having done both, it's far easier to set up one of Let's Encrypts automatic tools than it is to install a certificate manually.

End users won't be configuring their own servers anyway. At best they'll get a cPanel (which using AutoSSL, can then support Let's Encrypt).

If one can't handle setting up Let's Encrypt, they should host their content on a platform where others take care of things like HTTPS for them.