Split up ACME challenges

Help
1

still trying to figure out (as I have a “fun” challenge):

using example.com for the “public IPs” accessible via firewall, and example.net for internal (RFC1918 IPs).

api.example.com api.example.net {
  reverse_proxy internal:port
}

how would I specify that api.example.com is normal HTTP01 and api.example.net in DNS01 authentications? or would I have to duplicate/split them (using snippets to simplify Caddyfile)?

2

Yeah, in this case you should split this into two sites:

api.example.net {
	tls {
		dns <provider>
	}
	reverse_proxy internal:port
}

api.example.com {
	reverse_proxy internal:port
}

Note that I moved your post into a new topic because it’s not strictly relevant to the wiki, but is its own question.