HAProxy nor Certbot running:
~$ sudo ss -tlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:ssh *:* users:(("sshd",pid=1232,fd=3))
LISTEN 0 128 :::ssh :::* users:(("sshd",pid=1232,fd=4))
HAProxy running:
~$ sudo ss -tlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:http *:* users:(("haproxy",pid=2619,fd=5))
LISTEN 0 128 *:ssh *:* users:(("sshd",pid=1232,fd=3))
LISTEN 0 128 *:https *:* users:(("haproxy",pid=2619,fd=6))
LISTEN 0 128 :::ssh :::* users:(("sshd",pid=1232,fd=4))
Certbot running:
~$ sudo ss -tlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:ssh *:* users:(("sshd",pid=1232,fd=3))
LISTEN 0 5 :::http :::* users:(("certbot",pid=2553,fd=8))
LISTEN 0 128 :::ssh :::* users:(("sshd",pid=1232,fd=4))
and it looks like sudo can bind to port 80:
~$ sudo nc -vvv -l -p80
Listening on [0.0.0.0] (family 0, port 80)
^C
:~$ sudo ss -tlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 1 *:http *:* users:(("nc",pid=5397,fd=3))
LISTEN 0 128 *:ssh *:* users:(("sshd",pid=1232,fd=3))
LISTEN 0 128 :::ssh :::* users:(("sshd",pid=1232,fd=4))