feat: Add reverse proxy setup with Caddy

[mertssmnoglu]

Created a new directory deployment. I was using docs directory to keep some deployment stuff but using separate deployment directory is good for new comers.

Deployment Directory

├── caddy/
│   └── Caddyfile
└── caddy.compose.yml

CaddyServer

I created a sample docker compose file for using Capture with Caddy. Caddy has built-in SSL support so we don't need to manually configure everything. It's simple and straightforward.

You can see the docs on README.md

Summary by CodeRabbit

• New Features

  • Ready-to-use reverse proxy setup using Caddy and Docker Compose for SSL termination and a shared network; includes guidance to set your domain and API secret and quick-start launch steps.

• Documentation

  • Added a Reverse Proxy & SSL section with Caddy setup steps, sample directory layout, step-by-step launch instructions, updated table of contents, and an OpenAPI link near the new content.

[coderabbitai]

Walkthrough

Adds Caddy-based reverse proxy support: new Docker Compose file and Caddyfile under deployment/reverse-proxy-compose, plus README updates describing setup, directory layout, and launch instructions for running Caddy as a reverse proxy to the capture service.

Changes

Cohort / File(s)	Summary
Documentation: Reverse Proxy & SSL README.md	Adds "Reverse Proxy and SSL" section with a Caddy subsection, updates table of contents, provides setup steps, example Caddy directory layout, docker-compose invocation (docker compose -f caddy.compose.yml up -d), and an OpenAPI link in API Documentation.
Reverse Proxy Orchestration (Compose) deployment/reverse-proxy-compose/caddy.compose.yml	New Docker Compose file that creates a capture-network, declares caddy service (image caddy:2.10-alpine, ports 80:80, 443:443, mounts ./caddy/Caddyfile and caddy_data volume) and capture service (image ghcr.io/bluewave-labs/capture:latest, exposes 59232, env API_SECRET placeholder and GIN_MODE=release), and a named volume caddy_data.
Caddy Configuration deployment/reverse-proxy-compose/caddy/Caddyfile	New Caddyfile mapping replacewithyourdomain.com to backend capture:59232 via reverse_proxy.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant U as User/Client (HTTPS)
  participant C as Caddy (Reverse Proxy)
  participant S as Capture Service

  U->>C: HTTPS request to replacewithyourdomain.com
  Note over C: TLS termination and routing per Caddyfile
  C->>S: HTTP proxy to capture:59232
  S-->>C: Response from capture
  C-->>U: HTTPS response

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

I hop through ports from eighty up to four-four-three,
Caddy digs the tunnels where my packets roam free.
Compose stacks my burrow, secrets tucked in tight,
I bounce each request and tuck it in at night. 🥕🛡️

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch deployment/reverse-proxy-caddy

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[mertssmnoglu]

This PR introduces one of the SSL solutions

• SSL Support #49

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (6)

deployment/reverse-proxy-compose/caddy/Caddyfile (2)

1-3: Add TLS contact email, compression, and structured access logs

Caddy will issue certificates automatically, but setting a contact email is recommended; adding compression and JSON logs is useful in production.

Apply this diff:

-replacewithyourdomain.com {
-  reverse_proxy capture:59232
-}
+replacewithyourdomain.com {
+  # Enable response compression
+  encode zstd gzip
+
+  # Upstream to the Capture service on the Docker network
+  reverse_proxy capture:59232
+
+  # Emit access logs in JSON to stdout
+  log {
+    output stdout
+    format json
+  }
+
+  # ACME contact email for certificate issuance/renewal notifications
+  tls [email protected]
+}

---

1-1: Optional: use a conventional placeholder domain

Using example.com (IANA-reserved) avoids accidental copy-paste of a non-existent domain.

-replacewithyourdomain.com {
+example.com {

README.md (1)

144-164: Optional: add a short prerequisites sentence

A brief note about DNS and ports will reduce setup friction for first-time users.

Proposed addition (after the “You can use a reverse proxy…” sentence):

Prerequisites: Your domain’s DNS A/AAAA record points to this server, and TCP ports 80 and 443 are reachable from the Internet so Caddy can obtain certificates.

deployment/reverse-proxy-compose/caddy.compose.yml (3)

10-15: Enable HTTP/3 by exposing UDP 443 and harden the Caddyfile mount

Adding UDP 443 enables HTTP/3; mounting the Caddyfile read-only prevents accidental edits from inside the container.

Apply this diff:

     ports:
       - "80:80"
       - "443:443"
+      - "443:443/udp"
     volumes:
-      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
+      - ./caddy/Caddyfile:/etc/caddy/Caddyfile:ro
       - caddy_data:/data

---

7-8: Consider pinning images to immutable versions/digests

For reproducibility, prefer a fixed version tag (or digest) over floating tags like “latest” or broad minors. Example: ghcr.io/bluewave-labs/capture:vX.Y.Z.

---

24-26: Avoid committing secrets in Compose

Using an env file keeps secrets out of versioned YAML and supports local overrides.

If you prefer, I can draft a .env.example and update the compose + README accordingly.
Example change:

-    environment:
-      - API_SECRET=REPLACE_WITH_YOUR_SECRET
-      - GIN_MODE=release
+    env_file:
+      - .env
+    environment:
+      - GIN_MODE=release

And add a .env.example with:

API_SECRET=REPLACE_WITH_YOUR_SECRET

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ac0f516 and 3a0fee0.

📒 Files selected for processing (3)

• README.md (2 hunks)
• deployment/reverse-proxy-compose/caddy.compose.yml (1 hunks)
• deployment/reverse-proxy-compose/caddy/Caddyfile (1 hunks)

🧰 Additional context used

🪛 LanguageTool

README.md

[grammar] ~19-~19: There might be a mistake here.
Context: ...ightweight and easy to use. - Features - [Quick Start (Docker)](#quick-start-docke...

(QB_NEW_EN)

---

[grammar] ~20-~20: There might be a mistake here.
Context: ...ures](#features) - Quick Start (Docker) - [Quick Start (Docker Compose)](#quick-sta...

(QB_NEW_EN)

---

[grammar] ~21-~21: There might be a mistake here.
Context: ...-docker) - Quick Start (Docker Compose) - Configuration - [Instal...

(QB_NEW_EN)

---

[grammar] ~22-~22: There might be a mistake here.
Context: ...k-start-docker-compose) - Configuration - [Installation Options](#installation-opti...

(QB_NEW_EN)

---

[grammar] ~23-~23: There might be a mistake here.
Context: ...(#configuration) - Installation Options - [Docker (Recommended)](#docker-recommende...

(QB_NEW_EN)

---

[grammar] ~24-~24: There might be a mistake here.
Context: ...ation-options) - Docker (Recommended) - [System Installation](#system-installatio...

(QB_NEW_EN)

---

[grammar] ~25-~25: There might be a mistake here.
Context: ...cker-recommended) - System Installation - [Reverse Proxy and SSL](#reverse-proxy-an...

(QB_NEW_EN)

---

[grammar] ~26-~26: There might be a mistake here.
Context: ...m-installation) - Reverse Proxy and SSL - Caddy - [API Documentation](#ap...

(QB_NEW_EN)

---

[grammar] ~27-~27: There might be a mistake here.
Context: ... SSL](#reverse-proxy-and-ssl) - Caddy - API Documentation -...

(QB_NEW_EN)

---

[grammar] ~28-~28: There might be a mistake here.
Context: ... - Caddy - API Documentation - Contributing - [Star His...

(QB_NEW_EN)

---

[grammar] ~29-~29: There might be a mistake here.
Context: ...ion](#api-documentation) - Contributing - Star History - [License]...

(QB_NEW_EN)

---

[grammar] ~30-~30: There might be a mistake here.
Context: ...ributing](#contributing) - Star History - License ## Features - CPU M...

(QB_NEW_EN)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build (windows-2025)

🔇 Additional comments (1)

README.md (1)

19-32: TOC update looks good

The new “Reverse Proxy and SSL” and nested “Caddy” entries are correctly linked and nested.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (3)

README.md (3)

150-154: Fix code fence language and reflect actual paths in the tree

Use a neutral code fence (text) and show the full repository paths to avoid confusion about where these files live.

Apply this diff:

-```lua
-├── caddy/
-│   └── Caddyfile
-└── caddy.compose.yml
+```text
+deployment/
+└── reverse-proxy-compose/
+    ├── caddy/
+    │   └── Caddyfile
+    └── caddy.compose.yml

---

`156-164`: **Update steps and links; remove the cd step and fix link labels**

- Links currently display “caddy/…” but point to deployment/… paths, which is confusing.
- The explicit cd step isn’t necessary if the compose file is referenced from the repo root. Standardize on one approach to reduce footguns.




Apply this diff:

```diff
-1. Go to the `deployment/reverse-proxy-compose` directory
-
-    ```shell
-    cd deployment/reverse-proxy-compose
-    ```
-
-2. Replace `replacewithyourdomain.com` with your actual domain in [caddy/Caddyfile](./deployment/reverse-proxy-compose/caddy/Caddyfile)
-3. Set `API_SECRET` environment variable for the Capture service in [caddy.compose.yml](./deployment/reverse-proxy-compose/caddy.compose.yml).
+1. Replace `replacewithyourdomain.com` with your actual domain in [deployment/reverse-proxy-compose/caddy/Caddyfile](deployment/reverse-proxy-compose/caddy/Caddyfile).
+2. Set `API_SECRET` for the Capture service in [deployment/reverse-proxy-compose/caddy.compose.yml](deployment/reverse-proxy-compose/caddy.compose.yml).
+3. Ensure your domain’s DNS A/AAAA records point to this server’s IP.
+4. Open inbound TCP ports 80 and 443 on your firewall/security group.

Run this script to verify paths referenced in README exist and old ones don’t:

#!/bin/bash
set -euo pipefail

echo "[repo paths]"
fd -t f 'caddy.compose.yml' -a | sed 's/^/  /'
fd -t f 'Caddyfile' -a | sed 's/^/  /'

echo -e "\n[check expected]"
test -f deployment/reverse-proxy-compose/caddy.compose.yml && echo "OK: deployment/reverse-proxy-compose/caddy.compose.yml"
test -f deployment/reverse-proxy-compose/caddy/Caddyfile && echo "OK: deployment/reverse-proxy-compose/caddy/Caddyfile"

echo -e "\n[check bad references]"
if [ -f caddy.compose.yml ]; then echo "Unexpected: caddy.compose.yml exists at repo root"; else echo "OK: caddy.compose.yml not at repo root"; fi
if [ -f caddy/Caddyfile ]; then echo "Unexpected: caddy/Caddyfile exists at repo root"; else echo "OK: caddy/Caddyfile not at repo root"; fi

echo -e "\n[grep README for old links]"
rg -n 'caddy\.compose\.yml|caddy/Caddyfile' README.md -n -C0 || true

---

165-169: Standardize the docker compose invocation from the repo root

If we remove the cd step, the compose command should explicitly reference the file path from the repository root.

Apply this diff:

-Start the Caddy reverse proxy
+Start the Caddy reverse proxy
 
 ```shell
-docker compose -f caddy.compose.yml up -d
+# From the repository root:
+docker compose -f deployment/reverse-proxy-compose/caddy.compose.yml up -d

</blockquote></details>

</blockquote></details>

<details>
<summary>🧹 Nitpick comments (1)</summary><blockquote>

<details>
<summary>README.md (1)</summary><blockquote>

`162-164`: **Recommend safer secret handling in docs (env file or secrets)**

To avoid hard-coding secrets in compose files, suggest an env file or Docker secrets in the README instructions. Example snippet you can add after the steps:


```text
Tip: Store API_SECRET in a .env file and reference it from Compose.

Example .env:
  API_SECRET=REPLACE_WITH_YOUR_SECRET

Then in caddy.compose.yml:
  environment:
    - API_SECRET=${API_SECRET}

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 3a0fee0 and 212950d.

📒 Files selected for processing (3)

• README.md (2 hunks)
• deployment/reverse-proxy-compose/caddy.compose.yml (1 hunks)
• deployment/reverse-proxy-compose/caddy/Caddyfile (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• deployment/reverse-proxy-compose/caddy/Caddyfile
• deployment/reverse-proxy-compose/caddy.compose.yml

🧰 Additional context used

🪛 LanguageTool

README.md

[grammar] ~19-~19: There might be a mistake here.
Context: ...ightweight and easy to use. - Features - [Quick Start (Docker)](#quick-start-docke...

(QB_NEW_EN)

---

[grammar] ~20-~20: There might be a mistake here.
Context: ...ures](#features) - Quick Start (Docker) - [Quick Start (Docker Compose)](#quick-sta...

(QB_NEW_EN)

---

[grammar] ~21-~21: There might be a mistake here.
Context: ...-docker) - Quick Start (Docker Compose) - Configuration - [Instal...

(QB_NEW_EN)

---

[grammar] ~22-~22: There might be a mistake here.
Context: ...k-start-docker-compose) - Configuration - [Installation Options](#installation-opti...

(QB_NEW_EN)

---

[grammar] ~23-~23: There might be a mistake here.
Context: ...(#configuration) - Installation Options - [Docker (Recommended)](#docker-recommende...

(QB_NEW_EN)

---

[grammar] ~24-~24: There might be a mistake here.
Context: ...ation-options) - Docker (Recommended) - [System Installation](#system-installatio...

(QB_NEW_EN)

---

[grammar] ~25-~25: There might be a mistake here.
Context: ...cker-recommended) - System Installation - [Reverse Proxy and SSL](#reverse-proxy-an...

(QB_NEW_EN)

---

[grammar] ~26-~26: There might be a mistake here.
Context: ...m-installation) - Reverse Proxy and SSL - Caddy - [API Documentation](#ap...

(QB_NEW_EN)

---

[grammar] ~27-~27: There might be a mistake here.
Context: ... SSL](#reverse-proxy-and-ssl) - Caddy - API Documentation -...

(QB_NEW_EN)

---

[grammar] ~28-~28: There might be a mistake here.
Context: ... - Caddy - API Documentation - Contributing - [Star His...

(QB_NEW_EN)

---

[grammar] ~29-~29: There might be a mistake here.
Context: ...ion](#api-documentation) - Contributing - Star History - [License]...

(QB_NEW_EN)

---

[grammar] ~30-~30: There might be a mistake here.
Context: ...ributing](#contributing) - Star History - License ## Features - CPU M...

(QB_NEW_EN)

🔇 Additional comments (1)

README.md (1)

19-31: TOC additions look good and anchors resolve correctly

The new “Reverse Proxy and SSL” and nested “Caddy” entries are consistent with the section titles below. No action needed.

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

README.md (1)

169-171: Prefer repo-root compose invocation (optional) to avoid requiring a cd step

This makes the command copy-paste friendly from anywhere and mirrors how other sections run commands. If you adopt this, you can drop the earlier “cd into directory” step.

Apply this diff:

-```shell
-docker compose -f caddy.compose.yml up -d
-```
+```shell
+# From the repository root:
+docker compose -f deployment/reverse-proxy-compose/caddy.compose.yml up -d
+```

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 212950d and 92fd0cb.

📒 Files selected for processing (3)

• README.md (2 hunks)
• deployment/reverse-proxy-compose/caddy.compose.yml (1 hunks)
• deployment/reverse-proxy-compose/caddy/Caddyfile (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• deployment/reverse-proxy-compose/caddy/Caddyfile
• deployment/reverse-proxy-compose/caddy.compose.yml

🧰 Additional context used

🪛 LanguageTool

README.md

[grammar] ~19-~19: There might be a mistake here.
Context: ...ightweight and easy to use. - Features - [Quick Start (Docker)](#quick-start-docke...

(QB_NEW_EN)

---

[grammar] ~20-~20: There might be a mistake here.
Context: ...ures](#features) - Quick Start (Docker) - [Quick Start (Docker Compose)](#quick-sta...

(QB_NEW_EN)

---

[grammar] ~21-~21: There might be a mistake here.
Context: ...-docker) - Quick Start (Docker Compose) - Configuration - [Instal...

(QB_NEW_EN)

---

[grammar] ~22-~22: There might be a mistake here.
Context: ...k-start-docker-compose) - Configuration - [Installation Options](#installation-opti...

(QB_NEW_EN)

---

[grammar] ~23-~23: There might be a mistake here.
Context: ...(#configuration) - Installation Options - [Docker (Recommended)](#docker-recommende...

(QB_NEW_EN)

---

[grammar] ~24-~24: There might be a mistake here.
Context: ...ation-options) - Docker (Recommended) - [System Installation](#system-installatio...

(QB_NEW_EN)

---

[grammar] ~25-~25: There might be a mistake here.
Context: ...cker-recommended) - System Installation - [Reverse Proxy and SSL](#reverse-proxy-an...

(QB_NEW_EN)

---

[grammar] ~26-~26: There might be a mistake here.
Context: ...m-installation) - Reverse Proxy and SSL - Caddy - [API Documentation](#ap...

(QB_NEW_EN)

---

[grammar] ~27-~27: There might be a mistake here.
Context: ... SSL](#reverse-proxy-and-ssl) - Caddy - API Documentation -...

(QB_NEW_EN)

---

[grammar] ~28-~28: There might be a mistake here.
Context: ... - Caddy - API Documentation - Contributing - [Star His...

(QB_NEW_EN)

---

[grammar] ~29-~29: There might be a mistake here.
Context: ...ion](#api-documentation) - Contributing - Star History - [License]...

(QB_NEW_EN)

---

[grammar] ~30-~30: There might be a mistake here.
Context: ...ributing](#contributing) - Star History - License ## Features - CPU M...

(QB_NEW_EN)

---

[grammar] ~163-~163: There might be a mistake here.
Context: ...everse-proxy-compose/caddy.compose.yml). 4. Ensure your domain’s DNS A/AAAA records ...

(QB_NEW_EN)

🔇 Additional comments (1)

README.md (1)

19-31: TOC additions look correct and anchors resolve

All new items map to existing headings, and the nested “Docker (Recommended)” entry correctly links to #docker-recommended.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (3)

README.md (3)

157-162: Consider avoiding the cd step to reduce context-dependence

Docs are more copy/paste-friendly when commands run from the repo root. If you keep the cd step, then the compose command can be simplified to just docker compose up -d without -f. Otherwise, drop the cd and point -f to the full relative path (see next comment).

Would you prefer a “from repo root” style everywhere in README? If yes, I’ll align other examples for consistency.

---

150-155: Fix code-fence language and correct the directory tree root/path

Use a neutral code fence (text) and render the tree from the repo root so it matches the actual layout. The current first line (“├deployment/...”) is malformed and implies the folder is a sibling branch, not the root.

-```lua
-├deployment/reverse-proxy-compose/
-├── caddy/
-│   └── Caddyfile
-└── caddy.compose.yml
-```
+```text
+deployment/
+└── reverse-proxy-compose/
+    ├── caddy/
+    │   └── Caddyfile
+    └── caddy.compose.yml
+```

---

170-172: Make the compose command runnable from repo root

If you remove the cd step as suggested above, update the command to reference the file via its full path from the repository root.

-```shell
-docker compose -f caddy.compose.yml up -d
+```shell
+# From the repository root:
+docker compose -f deployment/reverse-proxy-compose/caddy.compose.yml up -d

</blockquote></details>

</blockquote></details>

<details>
<summary>🧹 Nitpick comments (1)</summary><blockquote>

<details>
<summary>README.md (1)</summary><blockquote>

`163-166`: **Links and prerequisites look correct; add optional ACME email guidance**

The links now point to deployment/reverse-proxy-compose and the DNS/firewall prerequisites are helpful. Consider adding an optional step to set an ACME/Let’s Encrypt contact email so Caddy can send expiry notices and avoid rate-limit surprises.



Example additions (no diff as this is outside the shown lines):
- In caddy.compose.yml, set an env var:
  - CADDY_ADMIN=on (optional), and/or
  - [email protected]
- Or in Caddyfile global options:
  {
      email [email protected]
  }

</blockquote></details>

</blockquote></details>

<details>
<summary>📜 Review details</summary>

**Configuration used**: CodeRabbit UI

**Review profile**: CHILL

**Plan**: Pro

**💡 Knowledge Base configuration:**

- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

<details>
<summary>📥 Commits</summary>

Reviewing files that changed from the base of the PR and between 92fd0cb16465d597e345b75a7f81a7caa453abe7 and 71cc84b47de73a862ac4b929e379af727952511f.

</details>

<details>
<summary>📒 Files selected for processing (3)</summary>

* `README.md` (2 hunks)
* `deployment/reverse-proxy-compose/caddy.compose.yml` (1 hunks)
* `deployment/reverse-proxy-compose/caddy/Caddyfile` (1 hunks)

</details>

<details>
<summary>🚧 Files skipped from review as they are similar to previous changes (2)</summary>

* deployment/reverse-proxy-compose/caddy/Caddyfile
* deployment/reverse-proxy-compose/caddy.compose.yml

</details>

<details>
<summary>🧰 Additional context used</summary>

<details>
<summary>🪛 LanguageTool</summary>

<details>
<summary>README.md</summary>

[grammar] ~19-~19: There might be a mistake here.
Context: ...ightweight and easy to use.  - [Features](#features) - [Quick Start (Docker)](#quick-start-docke...

(QB_NEW_EN)

---

[grammar] ~20-~20: There might be a mistake here.
Context: ...ures](#features) - [Quick Start (Docker)](#quick-start-docker) - [Quick Start (Docker Compose)](#quick-sta...

(QB_NEW_EN)

---

[grammar] ~21-~21: There might be a mistake here.
Context: ...-docker) - [Quick Start (Docker Compose)](#quick-start-docker-compose) - [Configuration](#configuration) - [Instal...

(QB_NEW_EN)

---

[grammar] ~22-~22: There might be a mistake here.
Context: ...k-start-docker-compose) - [Configuration](#configuration) - [Installation Options](#installation-opti...

(QB_NEW_EN)

---

[grammar] ~23-~23: There might be a mistake here.
Context: ...(#configuration) - [Installation Options](#installation-options)   - [Docker (Recommended)](#docker-recommende...

(QB_NEW_EN)

---

[grammar] ~24-~24: There might be a mistake here.
Context: ...ation-options)   - [Docker (Recommended)](#docker-recommended) - [System Installation](#system-installatio...

(QB_NEW_EN)

---

[grammar] ~25-~25: There might be a mistake here.
Context: ...cker-recommended) - [System Installation](#system-installation) - [Reverse Proxy and SSL](#reverse-proxy-an...

(QB_NEW_EN)

---

[grammar] ~26-~26: There might be a mistake here.
Context: ...m-installation) - [Reverse Proxy and SSL](#reverse-proxy-and-ssl)   - [Caddy](#caddy) - [API Documentation](#ap...

(QB_NEW_EN)

---

[grammar] ~27-~27: There might be a mistake here.
Context: ... SSL](#reverse-proxy-and-ssl)   - [Caddy](#caddy) - [API Documentation](#api-documentation) -...

(QB_NEW_EN)

---

[grammar] ~28-~28: There might be a mistake here.
Context: ...  - [Caddy](#caddy) - [API Documentation](#api-documentation) - [Contributing](#contributing) - [Star His...

(QB_NEW_EN)

---

[grammar] ~29-~29: There might be a mistake here.
Context: ...ion](#api-documentation) - [Contributing](#contributing) - [Star History](#star-history) - [License]...

(QB_NEW_EN)

---

[grammar] ~30-~30: There might be a mistake here.
Context: ...ributing](#contributing) - [Star History](#star-history) - [License](#license)  ## Features  - CPU M...

(QB_NEW_EN)

---

[grammar] ~164-~164: There might be a mistake here.
Context: ...everse-proxy-compose/caddy.compose.yml). 4. Ensure your domain’s DNS A/AAAA records ...

(QB_NEW_EN)

</details>

</details>

</details>

</details>

<details>
<summary>🔇 Additional comments (2)</summary><blockquote>

<details>
<summary>README.md (2)</summary><blockquote>

`19-31`: **TOC additions look good**

The new entries for “Reverse Proxy and SSL” and nested “Caddy” are correctly linked and placed. No action needed.

---

`144-149`: **Section intro reads clearly**

Good, succinct framing of why a reverse proxy is used. No changes required.

</blockquote></details>

</blockquote></details>

<!-- This is an auto-generated comment by CodeRabbit for review status -->