CaddyServer is still easier since declaring HTTPS for a site will trigger let's encrypt. Nginx requires module loading and other things.

It’s not clear if this supports dynamic configurations where the server name is pulled out of an nginx map?

If working in a Kubernetes environment you can use cert-manager that basically manages certificate lifetime for you, just need to make the crt/key available to your services using secret references as volumes.

If you're not using k8s certbot is also an option, you get your certificates under /etc/letsencrypt/live/$domain.