I was trying to do some tests to compare kubernetes resource usage of nginx+php-fpm, nginx unit with php module and frankenphp (based on caddy). For reasons that are not relevant I need the service to be exposed on both ports 80 and 443 and do both plain HTTP and HTTPS. The host is not fixed because there is a public DNS but also the cluster-internal service name.

With nginx+php-fpm and nginx unit it was dead easy: here's port 80, here's a self-signed cert for TLS so listen also on 443. That's it. it works.

With Caddy it was so frustrating to see so many assumptions and "automatic redirects, trust me, this is what you want" and no obvious manual override that I just gave up. What I got working before I gave up was either only port 80 which is not good enough, either only port 443 which is also not good enough or both but 80 redirects to 443.