You can configure static IPs in your docker-compose network
Another option is setting up On-Demand TLS which uses your local CA, which would work for serving IP certs on the fly, but it would also open the door for abuse.
If I were you, I’d just run a local DNS server (something like CoreDNS possibly) that resolves whatever your redacted.com is, to the LAN IP of your machine running Docker/Caddy. That way, requests from within your LAN will resolve to the LAN IP, and requests from outside will use the WAN IP.
A CoreDNS Corefile might look like this:
. {
hosts {
192.168.1.25 redacted.com
fallthrough
}
forward . 8.8.8.8
}
So it would resolve redacted.com to 192.168.1.25, and anything else will be forwarded to 8.8.8.8, i.e. Google’s DNS. You can change this however you like.
Then configure your router or your individual machines to use the IP of whatever machine you run CoreDNS on, as their DNS server instead.