You can configure caddy to use 80 and be a reverse proxy for both the services, serving one site or the other depending on the name (you will need a second DNS entry pointing to the same IP). about not exposing 443, I really doubt that caddy can automatically retrieve SSL certificates for you if not running on the default port. Check the documentation, if I’m right either you open an empty website on 443 just for the sake of getting SSL certs to run https, and manually configure the other port to do the same, or you get the certificates manually using the DNS verification (check let’s encrypt documentation) and configure caddy to use them.
There are plenty of zigbee options available on Amazon UK (and I would expect some wifi too, but I have already a zigbee network so I prefer it when possible). Do a quick search there, most of them have the wiring diagram in the photos. Some of them can be installed in the box, so you don’t have to replace the switches (which may be ugly compared of the others you have). Also note that if both the switches you want to replace control the same light you just need to replace one of them.