DorkOSDorkOS
Self-Hosting

Reverse Proxy

Configure nginx or Caddy as a reverse proxy for DorkOS

Reverse Proxy

DorkOS uses Server-Sent Events (SSE) for real-time streaming. Reverse proxy configuration must account for SSE's long-lived connections and disable response buffering.

Standard proxy settings will break SSE streaming. The configurations below include the required SSE-specific directives.

Proxy Configuration

Caddy automatically handles HTTPS certificates and has good SSE support out of the box.

dorkos.example.com {
    reverse_proxy localhost:4242 {
        flush_interval -1
    }
}

The flush_interval -1 setting disables response buffering, which is required for SSE streams to work correctly.

server {
    listen 443 ssl;
    server_name dorkos.example.com;

    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/key.pem;

    location / {
        proxy_pass http://localhost:4242;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # SSE support: disable buffering and set long timeouts
        proxy_buffering off;
        proxy_cache off;
        proxy_read_timeout 86400s;
        proxy_send_timeout 86400s;

        # Required for SSE
        proxy_set_header Connection '';
        chunked_transfer_encoding off;
    }
}

Key SSE Settings (nginx)

These settings are critical for SSE to function correctly through nginx:

Prop

Type

Common Issues

SSE events arrive in batches instead of real-time

Cause: Response buffering is enabled in the reverse proxy.

Fix: Ensure proxy_buffering off (nginx) or flush_interval -1 (Caddy).

Connection drops after 60 seconds

Cause: Default proxy timeout is too short for SSE.

Fix: Increase proxy_read_timeout to at least 3600s (1 hour).

502 Bad Gateway on long requests

Cause: The upstream timeout is shorter than the Claude response time.

Fix: Increase both proxy_read_timeout and proxy_send_timeout.

HTTPS with Let's Encrypt

Caddy handles Let's Encrypt automatically. Just point your domain's DNS to the server and Caddy obtains and renews certificates with no additional configuration.

dorkos.example.com {
    reverse_proxy localhost:4242 {
        flush_interval -1
    }
}

Install certbot and request a certificate:

sudo certbot --nginx -d dorkos.example.com

Certbot modifies your nginx config to add SSL directives and sets up automatic renewal.

Next Steps

Deployment

Production deployment guide with systemd, environment variables, and health checks.

Tunnel Setup

Alternative remote access via ngrok without a reverse proxy.

SSE Protocol

Full SSE protocol reference for understanding the streaming wire format.

Deployment

Deploy DorkOS in production

Development Setup

Set up a local development environment for DorkOS

On this page

Reverse ProxyProxy ConfigurationKey SSE Settings (nginx)Common IssuesSSE events arrive in batches instead of real-timeConnection drops after 60 seconds502 Bad Gateway on long requestsHTTPS with Let's EncryptNext Steps