See The "subfolder problem", OR, "why can't I reverse proxy my app into a subfolder?", that’ll be true for most apps. It’s not an easy problem to solve. Subdomains are the way to go.
You don’t have to use a wildcard cert in Caddy if you used a wildcard DNS record. You can use individual subdomains in your Caddyfile and just have the one * wildcard DNS A record pointing to your IP address.
Please upgrade to the latest version, 2.8.4. It solves some issues surrounding DNS challenge propagation checks.
But are you sure you actually need a wildcard cert? You could just use the ACME HTTP challenge if I understand your setup, simpler config and no need for a DNS plugin.