Question: If HTTPS is forced, then why bother about a fallback... or isset($_SERVER['HTTPS']?
The automatic redirection can be easily done in Apache, before it even gets to the CI code... this would likely be the easiest and "cleanest" solution in terms of the code and side-stepping the need for band-aids over all the possible holes (?).
The other question I would ask is whether $_SERVER[' HTTP_HOST'] is necessary either (particularly on a small Raspberry PI)... and then mostly only because- be it correct or not- many folk don't trust very much of what comes out of $_SERVER.