diff --git a/hosts/host_001_momo_koeln/caddy.nix b/hosts/host_001_momo_koeln/caddy.nix
new file mode 100644
index 00000000..8e90b16d
--- /dev/null
+++ b/hosts/host_001_momo_koeln/caddy.nix
@@ -0,0 +1,26 @@
+{
+  config,
+  ...
+}: {
+  # Changing the Caddyfile should only trigger a reload, not a restart
+  systemd.services.caddy.reloadTriggers = [
+    config.services.caddy.configFile
+  ];
+
+  services.caddy = {
+    enable = true;
+    email = "wg-tooling@list.momo.koeln";
+    virtualHosts = {
+      "auth.momo.koeln" = {
+        logFormat = ''
+          output discard
+        '';
+        extraConfig = ''
+          reverse_proxy :8080
+        '';
+      };
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [80 443];
+}
diff --git a/hosts/host_001_momo_koeln/configuration.nix b/hosts/host_001_momo_koeln/configuration.nix
index 71f49ad8..a955f57b 100644
--- a/hosts/host_001_momo_koeln/configuration.nix
+++ b/hosts/host_001_momo_koeln/configuration.nix
@@ -6,6 +6,7 @@
       # Include the results of the hardware scan.
       ./hardware-configuration.nix
 
+      ./caddy.nix
       ./keycloak.nix
     ];