diff --git a/README.md b/README.md
index 03b6b74..28b664d 100644
--- a/README.md
+++ b/README.md
@@ -71,9 +71,25 @@ docker compose run --rm register-user --username alice --password secret
 | `COOKIE_SECURE` | `false` | Set `true` when serving over HTTPS |
 | `TRUST_PROXY` | `false` | Set `true` when behind a reverse proxy |
 
-### Reverse proxy (nginx example)
+### Reverse proxy
 
-When running behind nginx, set `TRUST_PROXY=true` so Nanodrop sees the real client IP in logs.
+Set `TRUST_PROXY=true` when running behind a reverse proxy so Nanodrop sees the real client IP in logs.
+
+**Caddy** (`Caddyfile`):
+
+```caddy
+files.example.com {
+    reverse_proxy localhost:3000
+
+    request_body {
+        max_size 110MB
+    }
+}
+```
+
+Caddy sets `X-Forwarded-For` and handles TLS automatically. Set `COOKIE_SECURE=true` since traffic to the app arrives over HTTPS.
+
+**nginx** (`sites-available/nanodrop`):
 
 ```nginx
 server {