So in a NAT situation where home.mydomain.com:443 is open to Caddy and Caddy pushes HTTPS requests off to a valid internal service that responds and all is fine in the world.
Now due to a change in some policies, I’m hoping to be able to continue to have the HTTP service on port 443 open, but also that, when I connect to the same port and domain via SSH, I can determine that and forward it off to somewhere else.
Is that possible? Some sort of header or protocol interrogation where, if SSH, go to the .10 machine, otherwise go to the .15 machine?
Caddy can route HTTP requests to different upstream servers, but it can’t route different protocols. You can forward arbitrary TCP traffic with the net server type, but that also can’t route based on protocol.
SSH uses port 22 by default. Like @CryptoSpartan suggested, forward that from your router to the .10 host, continue forwarding port 443 (default HTTPS) to your Caddy host.
If you’ve only got one port to play with, though, Caddy won’t be able to help you get SSH happening (unless you use Caddy to proxy a web service like Guacamole which hosts a web-based SSH terminal).
Unfortunately, what you’re asking for specifically will not work. Caddy’s HTTP server can route via hostname, but it can’t talk SSH, only HTTP(S). The net server type can talk TCP (so it can forward any traffic you like), but won’t be able to route based on the hostname.
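
The protocol interrogation asked about in the question, as an added example that is not part of the thread and is not Caddy code: an SSH client opens with an identification string beginning `SSH-`, while a TLS client opens with a handshake record (`0x16 0x03`), so the first bytes of a connection are enough to tell the two apart. The host labels, the sample bytes and the silent-client rule are assumptions made for the illustration.

```python
# Added example: sniff the first bytes of a connection on port 443 and pick a backend.
SSH_PREFIX = b"SSH-"      # SSH identification string starts "SSH-2.0-" (RFC 4253)
TLS_HANDSHAKE = 0x16      # TLS record content type: handshake
TLS_MAJOR = 0x03          # record-layer major version, SSL 3.0 through TLS 1.3
CLIENT_HELLO = 0x01       # handshake message type

# Placeholder labels: the thread names the hosts only as ".10" and ".15".
SSH_HOST, HTTPS_HOST = "host .10 (ssh)", "host .15 (caddy)"

# Constructed samples, not captured traffic.
SSH_HELLO = b"SSH-2.0-OpenSSH_9.6\r\n"
TLS_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B])
HTTP_PLAIN = b"GET / HTTP/1.1\r\n"


def classify(buf: bytes) -> str:
    """Return 'ssh', 'tls', 'other', or 'need_more' for the bytes seen so far."""
    if buf[:4] == SSH_PREFIX:
        return "ssh"
    if len(buf) < 4 and SSH_PREFIX.startswith(buf):
        return "need_more"            # nothing yet, or a partial "SSH-" prefix
    if buf[0] == TLS_HANDSHAKE:
        if len(buf) >= 2 and buf[1] != TLS_MAJOR:
            return "other"
        if len(buf) < 6:
            return "need_more"        # 5-byte record header + handshake type
        return "tls" if buf[5] == CLIENT_HELLO else "other"
    return "other"


def pick_backend(chunks, timed_out=False):
    """Feed TCP reads in arrival order; return (label, backend)."""
    buf, label = b"", "need_more"
    for chunk in chunks:
        buf += chunk
        label = classify(buf)
        if label != "need_more":
            break
    if label == "need_more" and not buf and timed_out:
        # Assumption: HTTPS clients always speak first, so a client that stays
        # silent is treated as an SSH client waiting for the server's banner.
        label = "ssh"
    # Per the question: SSH goes to .10, everything else goes to .15.
    return label, SSH_HOST if label == "ssh" else HTTPS_HOST


if __name__ == "__main__":
    for name, data in [("ssh", SSH_HELLO), ("tls", TLS_HELLO), ("http", HTTP_PLAIN)]:
        print(name, "->", pick_backend([data]))
```

A real multiplexer would peek at these bytes without consuming them and then replay them to the chosen backend, since both SSH and TLS need the full first message.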