caddytls: Support custom bind host for challenges (#3232)

modules/caddytls/acmeissuer.go

@@ -153,6 +153,7 @@ func (m *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEManager, error) {
 			template.AltTLSALPNPort = m.Challenges.TLSALPN.AlternatePort
 		}
 		template.DNSProvider = m.Challenges.DNS
+		template.ListenHost = m.Challenges.BindHost
 	}
 
 	return template, nil

modules/caddytls/automation.go

@@ -239,6 +239,10 @@ type ChallengesConfig struct {
 	// to Caddy from an external server.
 	DNSRaw json.RawMessage `json:"dns,omitempty" caddy:"namespace=tls.dns inline_key=provider"`
 
+	// Optionally customize the host to which a listener
+	// is bound if required for solving a challenge.
+	BindHost string `json:"bind_host,omitempty"`
+
 	DNS challenge.Provider `json:"-"`
 }