Turnkey SSL hosting correctly

Hi there!
It's me again from a few days ago regarding Concrete5.
I realize that whatever I do doesn't really work and I need to reconfigure out I do things. I'd love some tips on what I could do instead, or how I should be doing it. Apologies if this is out of scope.
I have 1 public facing dynamic IP. I have ports 80 and 443 forwarded to server 192.168.0.199 where Caddy is sitting. Caddy works similar to Nginx (albeit much simpler) in reverse proxying to various services with automated SSL via Let's Encrypt or ZeroSSL. 

Caddy then takes domains and redirects to the various servers hosting the various things. Config looks similar to:

media.domain.example {
        reverse_proxy 192.168.0.111:8000
        encode gzip zstd
}

radarr.domain.example {
        reverse_proxy 192.168.0.111:8001
        encode gzip zstd
}

sonarr.domain.example {
        reverse_proxy 192.168.0.111:8002
        encode gzip zstd
}

files.domain.example {
        reverse_proxy 192.168.0.111:8003
        encode gzip zstd
}

tasks.domain.example {
        reverse_proxy 192.168.0.122:8000
        encode gzip zstd
}

office.domain.example {
        reverse_proxy 192.168.0.133:8000
        encode gzip zstd
}

demo.domain.example {
        reverse_proxy 192.168.0.144
        encode gzip zstd
}

erp.domain.example {
        reverse_proxy 192.168.0.155:8000
        request_header Referer 192.168.0.155
        request_header Host 192.168.0.155

}

This is fantastic as I only need 1 public facing IP. The problem is Turnkey, is trying to be smart and do the same thing.

I am trying to setup the concrete5 container inside of Proxmox. I have set the title to just apache SSL since this is a problem that would affect just about every container using SSL.

For concrete5 where the apache rewrite logic only forces SSL to redirect on the login page, the normal webpage loads, but login will not work since both Caddy and Apache are fighting to give me SSL.

I believe I am simply missing some vital piece of information to understand how this should all work together, so I ask for some assistance if you're willing to offer it.

What would you recommend in terms of using reverse proxies with turnkey servers? How should this be setup?

Thank you again in advance for the help. Your knowledge is truly appreciated.