To get a TLS certificate from Let’s Encrypt, they need to verify that you are in control of your domain. For regular domains, this can be done via HTTP, for wildcard certificates they require you to create a DNS record with a special token to verify ownership of the domain.

This means that in order to automatically obtain a TLS certificate, caddy needs to interact with the API of your domain registrar to set up this record. Since there are many different providers, this isn’t built into caddy itself and you require a version that includes the corresponding caddy-dns module. Caddy modules need to compiled into the binary, so it’s not always trivial to set up (in my case I have a systemd timer that rebuilds a local container image whenever a new version of the docker.io/caddy:builder image is available).

Caddy automatically sets up certificates for you. Since I don’t want my subdomain to appear in certificate transparency logs, I use a wildcard certificate which requires using a plugin for my DNS provider.

A reverse proxy, in my case Caddy.

I never heard of Cozy, but it looks quite nice. The Self-Hosting Documentation ist a bit lacking, but https://github.com/cozy/cozy-stack-compose contains all required information to set it it up yourself.

I originally used Nextcloud, but it has a lot of features not related to file hosting

Cozy seems to be in a similar situation, where file storage is just one of many features that it provides. If you want just files, it might be the best idea to just use any WebDAV Server or something like File Browser.