diff --git a/.nostr.local/certs/.gitignore b/.nostr.local/certs/.gitignore
new file mode 100644
index 0000000..d6b7ef3
--- /dev/null
+++ b/.nostr.local/certs/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
diff --git a/.nostr.local/settings.json b/.nostr.local/settings.json
new file mode 100644
index 0000000..ee1d976
--- /dev/null
+++ b/.nostr.local/settings.json
@@ -0,0 +1,112 @@
+{
+  "info": {
+    "relay_url": "wss://nostream.localtest.me",
+    "name": "nostream.localtest.me",
+    "description": "A nostr relay written in TypeScript.",
+    "pubkey": "replace-with-your-pubkey",
+    "contact": "operator@your-domain.com"
+  },
+  "network": {
+    "max_payload_size": 131072,
+    "remote_ip_header": "x-forwarded-for"
+  },
+  "workers": {
+    "count": 0
+  },
+  "limits": {
+    "event": {
+      "eventId": {
+        "minLeadingZeroBits": 0
+      },
+      "kind": {
+        "whitelist": [],
+        "blacklist": []
+      },
+      "pubkey": {
+        "minLeadingZeroBits": 0,
+        "whitelist": [],
+        "blacklist": []
+      },
+      "createdAt": {
+        "maxPositiveDelta": 900,
+        "maxNegativeDelta": 0
+      },
+      "content": {
+        "maxLength": 1048576
+      },
+      "rateLimits": [
+        {
+          "kinds": [0, 3, 40, 41],
+          "period": 60000,
+          "rate": 6
+        },
+        {
+          "kinds": [1, 2, 4, 42],
+          "period": 60000,
+          "rate": 12
+        },
+        {
+          "kinds": [1, 2, 4, 42],
+          "period": 3600000,
+          "rate": 360
+        },
+        {
+          "kinds": [[5, 7], [43, 49]],
+          "period": 60000,
+          "rate": 30
+        },
+        {
+          "kinds": [[10000, 19999], [30000, 39999]],
+          "period": 60000,
+          "rate": 24
+        },
+        {
+          "kinds": [[20000, 29999]],
+          "period": 60000,
+          "rate": 60
+        },
+        {
+          "period": 3600000,
+          "rate": 720
+        },
+        {
+          "period": 86400000,
+          "rate": 2880
+        }
+      ],
+      "whitelists": {
+        "pubkeys": [],
+        "ipAddresses": [
+          "::1",
+          "::ffff:10.10.10.1"
+        ]
+      }
+    },
+    "client": {
+      "subscription": {
+        "maxSubscriptions": 10,
+        "maxFilters": 10
+      }
+    },
+    "message": {
+      "rateLimits": [
+        {
+          "period": 60000,
+          "rate": 120
+        },
+        {
+          "period": 3600000,
+          "rate": 3600
+        },
+        {
+          "period": 86400000,
+          "rate": 86400
+        }
+      ],
+      "ipWhitelist": [
+        "::1",
+        "::ffff:10.10.10.1"
+      ]
+    }
+  }
+}
diff --git a/Caddyfile.local b/Caddyfile.local
new file mode 100644
index 0000000..020238d
--- /dev/null
+++ b/Caddyfile.local
@@ -0,0 +1,9 @@
+{
+	auto_https disable_certs
+}
+
+nostream.localtest.me {
+	tls /root/certs/nostream.localtest.me.pem /root/certs/nostream.localtest.me-key.pem
+
+	reverse_proxy nostr-ts-relay:8008
+}
diff --git a/docker-compose.local.yml b/docker-compose.local.yml
new file mode 100644
index 0000000..b5db73d
--- /dev/null
+++ b/docker-compose.local.yml
@@ -0,0 +1,23 @@
+services:
+  relay:
+    volumes:
+      - ${PWD}/.nostr.local:/home/node/
+  caddy:
+    image: caddy:2.6.2-alpine
+    container_name: caddy
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - ${PWD}/Caddyfile.local:/etc/caddy/Caddyfile
+      - ${PWD}/.nostr.local/certs:/root/certs/
+      - caddydata:/data
+      - caddyconfig:/config
+    restart: unless-stopped
+    networks:
+      default:
+        ipv4_address: 10.10.10.5
+
+volumes:
+  caddyconfig:
+  caddydata:
diff --git a/scripts/start_local b/scripts/start_local
new file mode 100755
index 0000000..a33251b
--- /dev/null
+++ b/scripts/start_local
@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+PROJECT_ROOT="$(dirname $(readlink -f "${BASH_SOURCE[0]}"))/.."
+DOCKER_COMPOSE_FILE="${PROJECT_ROOT}/docker-compose.yml"
+DOCKER_COMPOSE_LOCAL_FILE="${PROJECT_ROOT}/docker-compose.local.yml"
+
+if ! type "mkcert" &> /dev/null; then
+  echo "Could not find mkcert, which is required for generating locally-trusted TLS certificates. Follow the installation instructions at https://github.com/FiloSottile/mkcert, then run this script again."
+  exit 1
+fi
+
+mkcert -install
+mkcert \
+  -cert-file ${PROJECT_ROOT}/.nostr.local/certs/nostream.localtest.me.pem \
+  -key-file ${PROJECT_ROOT}/.nostr.local/certs/nostream.localtest.me-key.pem \
+  nostream.localtest.me
+
+docker compose \
+  -f $DOCKER_COMPOSE_FILE \
+  -f $DOCKER_COMPOSE_LOCAL_FILE \
+  up --build --remove-orphans $@
diff --git a/settings.sample.json b/settings.sample.json
index a5fb659..87b6594 100644
--- a/settings.sample.json
+++ b/settings.sample.json
@@ -2,7 +2,7 @@
   "info": {
     "relay_url": "wss://nostream.your-domain.com",
     "name": "nostream.your-domain.com",
-    "description": "A nostr relay written in Typescript.",
+    "description": "A nostr relay written in TypeScript.",
     "pubkey": "replace-with-your-pubkey",
     "contact": "operator@your-domain.com"
   },