HAPROXY behind a nat

Trying to get let’s encrypt working on servers behind a NAT, but i just want the proxy to work internally, but my issue is that the clients and servers and behind nat, but get a public IP address from pfsense. I just couldn’t get my self to to understand what needs to be accomplished this would be easy if the servers needed to be accessible on the internet but needing the proxy behind the nat is troublesome, i could just run everything on IPv6, which would make stuff is this posible with ipv4? Just trying to home lab out this situation.

I cover that in my HAProxy Wildcard cert video. https://youtu.be/jpyUm53we-Y

You do this by configuring DNS entries so the site names resolve to the local IP of HAProxy.