You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Centauri is a TLS-terminating reverse HTTP proxy written in Go.
Current status
Centauri is considered stable and feature complete. It is deployed in production
in several places. Any breaking changes going forward will result in major
version bumps.
Features
Automatic TLS certificates and OCSP stapling
Centauri will obtain TLS certificates from an ACME provider such as
Let's Encrypt. It will keep these up to date, and ensure each one
has a valid OCSP staple that can be sent to clients.
Centauri runs with sensible defaults for establishing TLS connections,
in line with Mozilla's Intermediate recommendations. This balances
security with accessibility for older clients.
You don't need to configure separate front-ends or back-ends, or
deal with proxy_pass instructions.
Native Tailscale support
Centauri can listen directly on a Tailscale network instead of
a public TCP port, removing the need for complex configuration
or sidecar containers. Change the "frontend" setting to
"tailscale", supply an API key, and Centauri will connect
directly to your Tailscale network!
Centauri will also pass details of the Tailscale user making
the request to the upstream service, via the following headers:
