diff --git a/README.md b/README.md
index 3c7ff30..a729713 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,8 @@ Example configuration:
         backend localhost:8080
     }
 
+See the man page for more information.
+
 ## License
 
 MIT
diff --git a/tlstunnel.1.scd b/tlstunnel.1.scd
new file mode 100644
index 0000000..31c3e01
--- /dev/null
+++ b/tlstunnel.1.scd
@@ -0,0 +1,71 @@
+tlstunnel(1)
+
+# NAME
+
+tlstunnel - TLS reverse proxy
+
+# SYNOPSIS
+
+*tlstunnel* [options...]
+
+# DESCRIPTION
+
+tlstunnel is a TLS reverse proxy with support for automatic TLS certificate
+retrieval via the ACME protocol.
+
+# OPTIONS
+
+*-h*, *-help*
+	Show help message and quit.
+
+*-config* <path>
+	Path to the configuration file.
+
+# CONFIG FILE
+
+The config file has one directive per line. Directives have a name, followed
+by parameters separated by space characters. Directives may have children in
+blocks delimited by "{" and "}". Lines beginning with "#" are comments.
+
+Example:
+
+```
+frontend example.org:443 {
+    backend localhost:8080
+}
+```
+
+The following directives are supported:
+
+*frontend* <address>... { ... }
+	Addresses to listen on for incoming TLS connections.
+
+	Each address is in the form _<name>:<port>_. The name may be omitted.
+
+	The frontend directive supports the following sub-directives:
+
+	*backend* <uri>...
+		Backend to forward incoming connections to.
+
+		The following URIs are supported:
+
+		- _[tcp://]<host>:<port>_ connects to a TCP server
+		- _unix://<path>_ connects to a Unix socket
+
+		The _+proxy_ suffix can be added to the URI scheme to forward
+		connection metadata via the PROXY protocol.
+
+
+*tls* { ... }
+	Customise TLS configuration.
+
+	The tls directive supports the following sub-directives:
+
+	*ca* <url>
+		ACME Certificate Authority endpoint.
+
+# AUTHORS
+
+Maintained by Simon Ser <contact@emersion.fr>, who is assisted by other
+open-source contributors. For more information about tlstunnel development, see
+https://git.sr.ht/~emersion/tlstunnel.