DevToolkit

Caddyfile Generator

Browser only

Caddyfile Generator

Generate Caddyfile reverse proxy snippets for self-hosted apps, Docker services, HTTPS sites, compression, security headers, and access logs in your browser.

DomainThe site address Caddy should serve.

Upstream protocol

Upstream host

Upstream port

Request body size noteOptional note for upload limits or upstream request body settings.

Enable compressionAdds encode gzip zstd.

Add security headersAdds common headers like HSTS, X-Frame-Options, and X-Content-Type-Options.

Enable access logAdds a simple log block for the site.

Enable WebSocket noteAdds a reminder that reverse_proxy already handles WebSockets.

Optional basic auth placeholderAdds a commented basicauth template you can fill in later.

Example output

example.com {
    encode gzip zstd
    header {
        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
        Referrer-Policy "strict-origin-when-cross-origin"
        Permissions-Policy "geolocation=(), microphone=(), camera=()"
        -Server
    }
    reverse_proxy http://127.0.0.1:3000
    # Request body size note: 50m
}

Deep dive

More context for Caddyfile Generator

Useful when you want a fast starting point for a Caddy reverse proxy with HTTPS and headers already in mind.

Overview

What is this tool?

It generates Caddyfile site blocks in your browser from a domain, upstream target, and optional toggles for compression, security headers, access logs, WebSocket notes, and basic auth placeholders.

Input samples

Example inputs

Basic reverse proxy

example.com {
    encode gzip zstd
    header {
        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
    }
    reverse_proxy http://127.0.0.1:3000
}

HTTPS upstream and logs

app.example.com {
    encode gzip zstd
    log {
        output file /var/log/caddy/access.log
        format console
    }
    reverse_proxy https://app.internal:8443
    # WebSocket note: reverse_proxy handles WebSockets automatically.
}

Basic auth placeholder

secure.example.com {
    reverse_proxy http://127.0.0.1:8080
    # Basic auth placeholder:
    # basicauth {
    #     # username password_hash
    # }
}

When to use it

Common use cases

Create a starter Caddyfile for a self-hosted app or Docker service.
Add compression, security headers, and access logs without hand-writing every block.
Keep a clean TLS and header baseline before you tighten the config for production.

Navigation

Explore related workflows

Keep moving through the collection, workflow, and adjacent tools that usually belong with this page.

Related workflow

Continue with the tool chain that usually goes together here.

Deploy a self-hosted app

Prepare Docker environment files, volume mappings, reverse proxy snippets, and header checks before you ship a service.

Docker Compose Env File Generator Docker Volume Mapping Helper Docker Compose Preview Docker Run to Compose Converter Docker Compose to Docker Run Converter

Related tools

Open the closest adjacent tools without leaving the current context.

Nginx Reverse Proxy Generator Nginx Config Checker SSL Certificate Decoder Docker Compose Preview HTTP Security Headers Checker Env Vars Checker Docker Compose Env File Generator Docker Volume Mapping Helper Docker Run to Compose Converter Docker Compose to Docker Run Converter

Answers

FAQ

Is this a production-ready Caddyfile?

No. It is a best-effort generator, so you should review and adjust the output before using it in production.

Does Caddy need extra WebSocket configuration?

Usually no. reverse_proxy handles WebSockets automatically, so the tool adds a reminder note instead of special proxy syntax.

Will it use my real domain, upstream host, and auth config?

It uses the values you enter and placeholder comments for optional auth. Adjust the domain, upstream service address, and authentication details to match your environment.

What should I verify after generation?

Check the upstream address, TLS behavior, headers, and any auth notes, then compare the live response with the header tools.

Disclaimer

Disclaimer / limitation note

This is a best-effort Caddyfile generator, not a replacement for hands-on review. Check the generated output before production use and adjust the domain, upstream service address, and authentication settings to fit your environment. All content is generated locally in your browser and is not uploaded to a server.

Privacy

Privacy note

Generation happens entirely in your browser. No file is uploaded, no login is required, and DevToolkit does not store the values you enter.