Skip to main content

Caddy Reverse Proxy

Automatic TLS reverse proxy for CodePiper with a two-line configuration.

Overview

Caddy handles TLS certificates automatically via Let’s Encrypt. The simplest self-hosted reverse proxy option.

Best forSelf-hosted, automatic TLS, minimal config
TLSAutomatic (Let’s Encrypt)
Persistent URLYes (your domain)
Auth layerNone built-in (add basicauth directive or external auth)

Prerequisites

  • A domain name pointing to your server
  • Caddy installed (install guide)
  • Ports 80 and 443 open (for Let’s Encrypt challenge)

Caddyfile

codepiper.example.com {
    reverse_proxy /ws 127.0.0.1:9999
    reverse_proxy * 127.0.0.1:3000
}

That’s it. Caddy automatically obtains and renews certificates.

Daemon Environment

Terminal window
TRUST_PROXY_HEADERS=true \
FORCE_SECURE_COOKIES=true \
ALLOWED_ORIGINS=https://codepiper.example.com \
codepiper daemon --web

When to Use Something Else

Caddy is the easiest self-hosted option, but requires a publicly reachable server. For private access without exposing ports, use Tailscale or Cloudflare Tunnel.

See the Remote Access overview for a comparison of all methods.