Caddyfile Generator

Build a clean, copy-ready Caddyfile for Caddy v2. Configure reverse proxies, static sites, PHP, SPA fallbacks, and redirects — with automatic HTTPS handled for you.

Site Type

Site Address & HTTPS

A domain (auto-HTTPS), :8080 for a port, or several space-separated hosts.
Used by Let's Encrypt for expiry notices.

Reverse Proxy

Space-separate multiple upstreams to load-balance. WebSockets are proxied automatically.

Common Options

Custom response headers

Generated Caddyfile

Save as Caddyfile (no extension) and run caddy run or reload your service.

example.com {
	encode gzip zstd
	reverse_proxy localhost:3000
}

Validate with caddy validate --config Caddyfile and auto-format with caddy fmt --overwrite.

Reload with zero downtime using caddy reload or sudo systemctl reload caddy.

About Caddyfile Generator

The Caddyfile Generator is a free online tool that builds a clean, copy-ready Caddyfile for the Caddy v2 web server. Caddy's headline feature is automatic HTTPS — it provisions and renews TLS certificates from Let's Encrypt or ZeroSSL with zero configuration — which makes it a popular, much simpler alternative to Nginx and Apache for reverse proxies, static sites, and small deployments.

This generator covers the most common Caddy use cases: reverse-proxying to an application server, serving static files, running PHP via php_fastcgi, single-page-app routing, and full-site redirects. Layer on compression, security headers, basic auth, access logging, and www canonicalization, and copy a config that's ready to run.

Everything runs locally in your browser. Your domains, paths, and upstream addresses are never sent to a server.

How to Use Caddyfile Generator

  1. 1. Pick a site type — reverse proxy, static files, PHP, SPA, or redirect.
  2. 2. Enter your site address (a domain for automatic HTTPS, or a :port for local use) and, optionally, an ACME email.
  3. 3. Fill in the type-specific settings — the upstream to proxy to, the directory to serve, the PHP-FPM socket, or the redirect target.
  4. 4. Toggle common options like compression, security headers, basic auth, access logs, and a www redirect.
  5. 5. Click Copy or Download and save the file as Caddyfile (no extension) in your project or /etc/caddy/.
  6. 6. Validate with caddy validate, then run caddy run or reload the service.

Common Use Cases

Reverse proxy with free HTTPS

Put Caddy in front of a Node, Go, Django, or Rails app and get auto-renewing TLS certificates with one line.

Static site hosting

Serve a static or Hugo/Jekyll site from a directory with gzip + zstd compression and HTTPS out of the box.

PHP and WordPress

Run WordPress or Laravel through php_fastcgi and file_server without hand-writing FastCGI rules.

Single-page apps

Serve a React, Vue, or Svelte build and route every unknown path back to index.html for client-side routing.

Load balancing

Proxy to several upstreams with round_robin or least_conn and a health-check endpoint.

Local development with TLS

Use tls internal to get trusted HTTPS on localhost without external certificates.

Frequently Asked Questions

What is a Caddyfile?

A Caddyfile is the human-friendly configuration format for the Caddy v2 web server. Each block starts with a site address followed by directives in braces. It's far terser than an Nginx or Apache config — a working HTTPS reverse proxy can be just two lines.

Do I need to configure HTTPS myself?

No. When the site address is a public domain pointed at your server, Caddy automatically obtains and renews TLS certificates from Let's Encrypt or ZeroSSL, and redirects HTTP to HTTPS. You don't write any certificate paths or redirect rules. For local development, choose tls internal for a trusted self-signed certificate.

Where do I put the Caddyfile?

When running manually, place it in your working directory and run caddy run. As a system service (the default on most installs), Caddy reads /etc/caddy/Caddyfile; edit it there and run sudo systemctl reload caddy.

How does Caddy handle WebSockets?

Automatically. The reverse_proxy directive proxies WebSocket and HTTP/2 connections transparently — there's no special Upgrade header configuration like you'd write for Nginx.

How do I add HTTP basic authentication?

Enable Basic auth and supply a username and a bcrypt hash of the password. Generate the hash with caddy hash-password — never store a plaintext password in the config. Recent Caddy versions use the basic_auth directive (older ones used basicauth).

Can I run a single-page app with client-side routing?

Yes — pick the SPA site type. It serves your build directory and uses try_files to fall back to index.html for any path that isn't a real file, so deep links into your React, Vue, or Svelte router work on refresh.

How do I validate and format the file?

Run caddy validate --config Caddyfile to check for errors before deploying, and caddy fmt --overwrite to normalize indentation and spacing. This generator already emits tab-indented, idiomatic output.

Is my data sent to any server?

No. This tool runs entirely in your browser. Your domains, upstream addresses, paths, and all other configuration never leave your device.