>>102526304
Responding to myself with the solution that currently works:
pve.home.arpa {
reverse_proxy 192.168.254.31:8006 {
transport http {
tls_insecure_skip_verify
}
}
}
Obviously this isn't safe for anything exposed to the internet, but none of my setup is. I'm looking into how caddy handles certs so I can do the more secure thing.