Caddyfile Builder

Caddyfile Builder

Compose a Caddy v2 config with reverse-proxy, file-server, redirect, header, route, and TLS directives across multiple sites.

Dev disables auto-HTTPS, enables debug + admin endpoint.
Global options
Snippets
Named matchers
Sites
encode
reverse_proxy
header
Caddyfile (prod)
example.com, www.example.com {
	encode gzip zstd
	reverse_proxy 127.0.0.1:8080 {
		lb_policy round_robin
		health_uri /health
	}
	header Strict-Transport-Security "max-age=31536000; includeSubDomains"
}
Validation tip

Run caddy validate --config Caddyfile --adapter caddyfile before reload to catch directive ordering issues. Site blocks compile to a JSON config you can inspect via the admin endpoint.

What This Tool Does

Caddyfile Builder is built for deterministic developer and agent workflows.

Build a Caddy v2 Caddyfile with reverse-proxy, file-server, redirect, header, route, and TLS directives. Multi-site composition with snippets, named matchers, and generated environment-specific overrides.

Use How to Use for execution steps and FAQ for constraints, policies, and edge cases.

Last updated:

This tool is provided as-is for convenience. Output should be verified before use in any production or critical context.

Agent Invocation

Best Path For Builders

Browser workflow

Runs instantly in the browser with private local processing and copy/export-ready output.

Browser Workflow

This tool is optimized for instant in-browser execution with local data handling. Run it here and copy/export the output directly.

/caddyfile-builder/

For automation planning, fetch the canonical contract at /api/tool/caddyfile-builder.json.

How to Use Caddyfile Builder

  1. 1

    Set global options

    Optionally fill the email used by the ACME client, the admin endpoint address, the auto_https mode, and toggle debug logging. Empty fields are omitted from the global block, keeping the config minimal.

  2. 2

    Define snippets and named matchers

    Add reusable snippets (referenced via import in site blocks) and named matchers like @api or @static. Matchers can scope directives to specific paths, methods, or hosts within a site.

  3. 3

    Compose site blocks

    Add a site for each hostname or comma-separated host group. Inside each site, append directives — reverse_proxy, file_server, redir, header, respond, rewrite, tls, encode, log — using the directive buttons.

  4. 4

    Switch environment overlays

    Toggle prod/staging/dev to apply environment-specific overrides. Dev disables auto-HTTPS and enables the admin endpoint plus debug logging, so the same site config is testable locally without TLS.

  5. 5

    Validate and reload

    Copy the generated Caddyfile, save it to /etc/caddy/Caddyfile, run caddy validate to confirm syntax, then caddy reload to apply without dropping connections. Errors surface in the issues panel before you reload.

Frequently Asked Questions

Does this support the JSON config or only Caddyfile?
It outputs Caddyfile syntax. Caddy converts the Caddyfile to JSON internally at load time, so any directive expressible in Caddyfile composes into the same JSON config — inspect it via the admin /config/ endpoint.
How does the prod/staging/dev toggle work?
Dev sets auto_https=off, enables debug, and exposes the admin endpoint on localhost so you can iterate without TLS. Staging keeps HTTPS but adds debug. Prod uses defaults — minimal logs, full automatic HTTPS.
What are named matchers used for?
Named matchers like @api or @static let you reuse a path/method/header predicate across multiple directives in the same site, and combine matchers with reverse_proxy, redir, header, etc., without duplicating the predicate.
Does it send my data to a server?
No. The composition, validation, and Caddyfile rendering run entirely in your browser. Site hostnames, upstream IPs, and TLS emails never leave your device.
Will tls internal work for dev?
Yes. Add a tls directive without an email and Caddy uses its internal CA to issue a cert. Browsers warn on the first visit, then trust it once you install the Caddy root cert via caddy trust.