I’m not familiar with integrating CloudFlare SSL with Trellis LE, but you’ll find some searchable discussion, e.g., this.
Regarding “I can’t seem to turn off the Lets Encrypt,” maybe this will help:
In other words, Trellis and your server will obey your command to turn off LE SSL, but you need to give your personal browser the message too. A different browser that never visited the site will not have the HSTS header set and will not have the issue.