Yep, you’re looking for On-Demand TLS:
Another user on the forums was setting this up as well today:
Also FYI:
header_up X-Forwarded-For {http.request.remote}
header_up X-Forwarded-Proto {http.request.scheme}
These lines are unnecessary, Caddy adds those on its own.
You can also use these shortcuts in the Caddyfile instead of the long form for placeholders:
And finally, you don’t need to use the to subdirective for `reverse_proxy, you can simplify it to this:
reverse_proxy https://myapp.herokuapp.com {
...
}