Caddy had been on my wishlist for a while, but I didn't want to break something that worked fine. I decided to change that today: in under 30 minutes, I was able to go from a convoluted nginx config maintained by hand and glued with other tools like certbot, to a ten line long Caddyfile essentially doing the same thing.
I no longer need to worry about HTTPS certificates (generation or renewal), and fine-tuning the security config. The domain on which I self-host a bunch of tools scores a 115/130 on Mozilla's Observatory after this change. Although that's a bit less than before, it's a massive improvement given I invested 0 seconds configuring the security bits.
Perhaps now I will get around to my self-host wishlist soon…