https://github.com/wikid82/charon

A lightweight, user-friendly web interface for managing Caddy as a reverse proxy. It simplifies SSL management and host routing for self-hosters who want the power of Caddy without the manual configuration.
https://github.com/wikid82/charon

caddy crowdsec docker docker-compose homelab proxy-manager reverse-proxy security self-hosted sso tailscale waf web-ui

Last synced: 16 days ago
JSON representation

A lightweight, user-friendly web interface for managing Caddy as a reverse proxy. It simplifies SSL management and host routing for self-hosters who want the power of Caddy without the manual configuration.

• Host: GitHub
• URL: https://github.com/wikid82/charon
• Owner: Wikid82
• License: mit
• Created: 2025-11-17T17:50:44.000Z (4 months ago)
• Default Branch: main
• Last Pushed: 2026-02-03T02:43:43.000Z (about 1 month ago)
• Last Synced: 2026-02-03T02:58:42.136Z (about 1 month ago)
• Topics: caddy, crowdsec, docker, docker-compose, homelab, proxy-manager, reverse-proxy, security, self-hosted, sso, tailscale, waf, web-ui
• Language: Go
• Homepage: https://wikid82.github.io/Charon/
• Size: 65.7 MB
• Stars: 4
• Watchers: 1
• Forks: 0
• Open Issues: 58
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: CONTRIBUTING.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE
  • Security: SECURITY.md

Awesome Lists containing this project

README

          


  



Charon




  Your server, your rules—without the headaches.





  Manage reverse proxies with a clean web interface.


  No config files. No cryptic syntax. No networking degree required.





  

    

  

  

    

  

  

    

  

  

    

  



---

## 🚀 Why Charon?

You want your apps online.

You don’t want to edit config files or memorize reverse proxy syntax.

Charon gives you:

- ✅ Automatic HTTPS certificates

- ✅ Clean domain routing

- ✅ Built-in security protection

- ✅ One-click Docker app discovery

- ✅ Live updates without restarts

- ✅ Zero external dependencies

If you can use a website, you can run Charon.

---

## 🛡 Built-In Security

Charon includes security features that normally require multiple tools:

- Web Application Firewall (WAF)

- CrowdSec intrusion detection

- Access Control Lists (ACLs)

- Rate limiting

- Emergency recovery tools

Secure by default. No extra containers required.

📖 [Learn more about security →](https://wikid82.github.io/charon/security)

---

## ⚡ Quick Start (5 Minutes)

### 1️⃣ Create `docker-compose.yml`

```yaml

services:

  charon:

    image: wikid82/charon:latest

    container_name: charon

    restart: unless-stopped

    ports:

      - "80:80"

      - "443:443"

      - "443:443/udp"

      - "8080:8080"

    volumes:

      - ./charon-data:/app/data

      - /var/run/docker.sock:/var/run/docker.sock:ro

    environment:

      - TZ=America/New_York

      # Generate with: openssl rand -base64 32

      - CHARON_ENCRYPTION_KEY=your-32-byte-base64-key

    healthcheck:

      test: ["CMD-SHELL", "curl -fsS http://localhost:8080/api/v1/health || exit 1"]

      interval: 30s

      timeout: 10s

      retries: 3

      start_period: 40s

```

### 2️⃣ Generate encryption key:

```bash

openssl rand -base64 32

```

### 3️⃣ Start Charon:

```bash

docker-compose up -d

```

### 4️⃣ Access the dashboard:

Open your browser and navigate to `http://localhost:8080` to access the dashboard and create your admin account.

```code

http://localhost:8080

```

### Getting Started:

Full setup instructions and documentation are available at [https://wikid82.github.io/Charon/docs/getting-started.html](https://wikid82.github.io/Charon/docs/getting-started.html).

--- ## ✨ Top 10 Features

### 🎯 **Point & Click Management**

No config files. No terminal commands. Just click, type your domain name, and you're live. If you can use a website, you can run Charon.

### 🔐 **Automatic HTTPS Certificates**

Free SSL certificates that request, install, and renew themselves. Your sites get the green padlock without you lifting a finger.

### 🌐 **DNS Challenge for Wildcard Certificates**

Secure all your subdomains with a single *.example.com certificate. Supports 15+ DNS providers including Cloudflare, Route53, DigitalOcean, and Google Cloud DNS. Credentials are encrypted and automatically rotated.

### 🛡️ **Enterprise-Grade Security Built In**

Web Application Firewall, rate limiting, geographic blocking, access control lists, and intrusion detection via CrowdSec. Protection that "just works."

### 🔐 **Supply Chain Security**

Verifiable builds with cryptographic signatures, SLSA provenance attestation, and comprehensive SBOMs. Verify what you run with transparent, tamper-proof evidence.

### 🌐 **Smart Proxy Headers**

Automatically adds standard headers (X-Real-IP, X-Forwarded-Proto, etc.) so your backend applications see real client IPs, enforce HTTPS correctly, and log accurately—with full backward compatibility for existing hosts.

### 🐳 **Instant Docker Discovery**

Already running apps in Docker? Charon finds them automatically and offers one-click proxy setup. No manual configuration required.

### 📊 **Real-Time Monitoring & Logs**

See exactly what's happening with live request logs, uptime monitoring, and instant notifications when something goes wrong.

### 📥 **Migration Made Easy**

Already invested in another reverse proxy? Bring your work with you by importing your existing configurations with one click:

- **Caddyfile** — Migrate from other Caddy setups

- **Nginx** — Import from Nginx based configurations (Coming Soon)

- **Traefik** - Import from Traefik based configurations (Coming Soon)

- **CrowdSec** - Import from CrowdSec configurations

- **JSON Import** — Restore from Charon backups or generic JSON configs

### ⚡ **Live Configuration Changes**

Update domains, add security rules, or modify settings instantly—no container restarts needed.* Your sites stay up while you make changes.

### 🌍 **Multi-App Management**

Run dozens of websites, APIs, or services from a single dashboard. Perfect for homelab enthusiasts and small teams managing multiple projects.

### 🚀 **Zero-Dependency Deployment**

One Docker container. No databases to install. No external services required. No complexity—just pure simplicity.

### 💯 **100% Free & Open Source**

No premium tiers. No feature paywalls. No usage limits. Everything you see is yours to use, forever, backed by the MIT license. * Note: Initial security engine setup (CrowdSec) requires a one-time container restart to initialize the protection layer. All subsequent changes happen live. **

[Explore All Features →](https://github.com/Wikid82/Charon/blob/main/docs/features.md)**

---

💬 Support

   

          


---

❤️ Free & Open Source

Charon is 100% free and open source under the MIT License.

No premium tiers. No locked features. No usage limits.

Built for the self-hosting community.