{"id":"cloudflare-caddy-tls-deployment-pattern","text":"FTL2 deployments use a consistent Cloudflare+Caddy TLS pattern: Cloudflare DNS records are set to DNS-only (not proxied) so Caddy can perform Let's Encrypt ACME challenges on port 80 and terminate TLS directly, avoiding certificate conflicts between Cloudflare and the origin server.","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"cloudflare-caddy-tls-deployment-pattern","truth_value":"IN","reason":"premise"}]}}