Ahh, that part’s easy. I got thrown off a bit when you said you wanted to disable TLS, but what you’re after is disabling Caddy’s automatic HTTPS redirection, because that’s what will be stopping clients from accessing HTTP.
There was a discussion not too long ago about disabling HTTP → HTTPS redirection for a specific group of clients:
There’s an example configuration in the linked post, but the gist is that you’ll need a HTTPS vhost as well as an identical HTTP vhost with extra configuration to redirect all clients who are NOT your updater to the HTTPS site.