Don’t use caddy/caddy. Use caddy instead. The caddy/caddy image is our CI target, and it should not be used outside of our internal use.
Path matching is exact in Caddy. That will only handle exactly /nzbget/ and nothing else. You should use /nzbget/* instead.
I’d recommend using subdomains instead of subpaths. See this article:
Turn on the debug global option on both servers, to see more detailed logs.
I think what’s happening is SNI gets set to 172.16.1.50 instead of dl.l.bradford.la which means the upstream doesn’t know the correct certificate to choose.
Why are you proxying over HTTPS? If this is in your local network, then there’s probably no problem with proxying over HTTP instead. The only concern is if there’s untrusted devices in your network that could intercept the traffic. But that’s probably unlikely.