Yes would be good to have your proxy solution described more in detail.
Reverse proxy is set up via
/etc/lighttpd/conf-available/10-proxy.conf (initially to make vaultwarden work)
what eaxtly you mean by “forcing HTTPS”
I am referring to the setting within dietpi-letsencrypt