Share on Social Media

Learn how to install Caddy Server on CentOS 7 with our step-by-step guide. Secure your web server with automatic HTTPS and enjoy easy configuration and modern features. #centlinux #linux #webserver

What is Caddy Server?

Caddy server is an open source, HTTP/2 enabled web server written in Go language. One of the most notable features of Caddy is automatic enabling TLS for hosted websites. Caddy automatically acquires and renew TLS certificates from Let’s Encrypt. Caddy can also be configured as the reverse proxy server. Caddy is distributed under Apache 2 license.

Caddy Server is an open-source web server that is known for its ease of use, powerful features, and modern design. Here are some key features and aspects of Caddy Server:

Automatic HTTPS: One of Caddy’s standout features is its automatic HTTPS functionality. It automatically obtains and renews TLS certificates from Let’s Encrypt, making it very easy to set up secure websites.
Simplicity and Ease of Use: Caddy’s configuration syntax is designed to be simple and human-readable. Its default settings are secure and optimized for most use cases, which reduces the need for extensive configuration.
Extensible Architecture: Caddy is built with a modular architecture, allowing developers to extend its functionality with plugins. This makes it flexible and adaptable to various needs.
Cross-Platform Support: Caddy can run on various platforms, including Linux, macOS, Windows, and even in containers like Docker.
HTTP/2 and HTTP/3 Support: Caddy supports modern web protocols, including HTTP/2 and HTTP/3, providing better performance and security.
Reverse Proxy: Caddy can function as a reverse proxy, distributing requests to multiple backend servers, which is useful for load balancing and improving availability.
Built-in Web Applications: It has built-in support for static file serving, CGI, FastCGI, and SCGI, which can be useful for serving dynamic content.
Configuration Management: Caddy can be configured using a simple text file (Caddyfile) or via its JSON API, making it versatile for different deployment scenarios.

Caddy is often favored for its security features, ease of setup, and modern approach to web server management, making it a popular choice for developers and system administrators alike.

In this article, we will install Caddy server on CentOS 7 and configure HTTP and HTTPS websites on Caddy.

Apache vs Caddy Server

1. Ease of Use:

Apache: Requires more manual configuration and can be complex for beginners. Configuration is done through extensive configuration files like httpd.conf.
Caddy: Known for its simplicity and ease of use. Uses a simple and human-readable configuration file called the Caddyfile.

2. Automatic HTTPS:

Apache: Requires manual configuration for HTTPS and obtaining SSL/TLS certificates.
Caddy: Automatically manages HTTPS, including obtaining and renewing certificates from Let’s Encrypt.

3. Performance:

Apache: Performance can be optimized but often requires manual tuning. Supports a variety of Multi-Processing Modules (MPMs) to handle requests.
Caddy: Built with performance in mind, supports HTTP/2 and HTTP/3 out of the box, and typically requires less manual tuning for good performance.

4. Configuration:

Apache: Configuration is flexible but can be complex, with a steeper learning curve.
Caddy: Configuration is simpler and more straightforward, making it easier to set up and manage.

5. Extensibility:

Apache: Extremely extensible with a wide range of modules available for various functionalities.
Caddy: Modular and extensible with plugins, though the ecosystem is not as large as Apache’s.

6. Reverse Proxy:

Apache: Can function as a reverse proxy and supports load balancing, but requires more configuration.
Caddy: Built-in support for reverse proxy and load balancing with simpler configuration.

7. Operating System Support:

Apache: Supports a wide range of operating systems, including Unix-like systems and Windows.
Caddy: Also supports multiple platforms, including Linux, macOS, Windows, and containers like Docker.

8. Community and Support:

Apache: Has a large and mature community with extensive documentation and a wealth of resources available.
Caddy: Growing community with good documentation and support, but not as extensive as Apache’s.

9. Use Cases:

Apache: Widely used in enterprise environments, supports a variety of applications, and can be tailored for complex setups.
Caddy: Preferred for simpler setups, modern web applications, and scenarios where ease of use and automatic HTTPS are priorities.

Conclusion:

Apache: Best suited for complex, large-scale environments where extensive customization and module support are required.
Caddy: Ideal for simpler, modern deployments where ease of use, security, and performance are primary concerns.

Recommended Courses

If you’re serious about leveling up your Linux skills, I highly recommend the Linux Mastery: Master the Linux Command Line in 11.5 Hours by Ziyad Yehia course. It’s a practical, beginner-friendly program that takes you from the basics to advanced command line usage with clear explanations and hands-on exercises. Whether you’re a student, sysadmin, or developer, this course will help you build the confidence to navigate Linux like a pro.

👉 Enroll now through my affiliate link and start mastering the Linux command line today!

Disclaimer: This post contains affiliate links. If you purchase through these links, I may earn a small commission at no extra cost to you, which helps support this blog.

Linux Server Specification

We have provisioned a CentOS 7 virtual machine with following specifications:

CPU – 3.4 Ghz (1 Core)
Memory – 1 GB
Storage – 20 GB
Operating System – CentOS 7.7
Hostname – caddy-01.example.com
IP Address – 192.168.116.206 /24

For an optimal environment running Caddy Server on CentOS 7, having reliable and high-performance hardware is crucial. Consider the PCI-E 4-Port Quad 10/100/1000Mbps Gigabit Ethernet for fast and stable network connectivity, perfectly suited for Linux servers requiring robust data throughput.

Complementing this, the TP-Link WiFi 6 PCIe WiFi Card (Archer TX55E) offers ultra-fast wireless networking with excellent compatibility and low latency, enhancing your server’s networking flexibility. Both products are best sellers on Amazon, trusted by Linux and DevOps professionals alike to build resilient server setups.

Disclaimer: This post contains affiliate links to products on Amazon. If you purchase through these links, we may earn a small commission at no extra cost to you. This helps support our content creation and is greatly appreciated.

Install Caddy Server on CentOS 7

Connect with caddy-01.example.com using ssh as root user.

Install latest stable release of Caddy web server using following command.

curl https://getcaddy.com | bash -s personal

Output:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  7380  100  7380    0     0   4430      0  0:00:01  0:00:01 --:--:--  4432
Downloading Caddy for linux/amd64 (personal license)...
Download verification OK
Extracting...
Putting caddy in /usr/local/bin (may require password)
Caddy v1.0.3 (h1:i9gRhBgvc5ifchwWtSe7pDpsdS9+Q0Rw9oYQmYUTw1w=)
Successfully installed

We will install Caddy server – Personal edition here.

If you wish to download commercial version of Caddy web server then, you have to provide Account ID and API Key as describes at Caddy’s download page.

Locate installation directory of Caddy web server.

whereis caddy

Output:

caddy: /usr/local/bin/caddy

Unlike Apache and Nginx; Caddy web server does not create configuration files, systemd service and dedicated user to own Caddy service and files.

Therefore, we have to manually create a user for Caddy web server.

adduser -r -s /sbin/nologin -d /var/www caddy

Here, we are creating

a system user using -r parameter
with /sbin/nologin shell and
the default home directory set to /var/www.

Create directory structure for Caddy Web Server

Caddy’s installation process does not create necessary directories, therefore, we have to manually create these directories and set appropriate permissions.

Create a configuration directory for Caddy web server.

mkdir /etc/caddy
chown -R root:caddy /etc/caddy
touch /etc/caddy/Caddyfile

Caddy web server automatically obtains SSL certificate from Let’s Encrypt, and it requires following directory to store that SSL certificate.

mkdir /etc/ssl/caddy
chown -R caddy:root /etc/ssl/caddy
chmod o-rwx /etc/ssl/caddy/

Create the directory to host websites on Caddy web server.

mkdir /var/www
chown caddy:caddy /var/www

Create Systemd service for Caddy

As you have notice that the installation and configuration of Caddy web server on CentOS 7 is not an automated process and we are creating each file/directory and adjusting permissions for the same.

Similarly, we are required to create a system service to automatically run Caddy web server in daemon mode.

Luckily, official Caddy repository provide a Caddy system unit file, that we can use to create a systemd service on CentOS 7.

Instead of using the actual file, we have derived a simpler version of our own.

vi /usr/lib/systemd/system/caddy.service

and add following lines of code therein.

[Unit]
Description=Caddy HTTP/2 web server
Documentation=https://caddyserver.com/docs
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service

[Service]
Restart=on-abnormal

StartLimitIntervalSec=14400
StartLimitBurst=10

User=caddy
Group=caddy

Environment=CADDYPATH=/etc/ssl/caddy

ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
ExecReload=/bin/kill -USR1 $MAINPID

KillMode=mixed
KillSignal=SIGQUIT
TimeoutStopSec=5s

LimitNOFILE=1048576
LimitNPROC=512

PrivateTmp=true
PrivateDevices=false
ProtectHome=true
ProtectSystem=full
ReadWritePaths=/etc/ssl/caddy
ReadWriteDirectories=/etc/ssl/caddy

[Install]
WantedBy=multi-user.target

Create a Server Block in Caddyfile

Configure Caddyfile and create a simple server block.

vi /etc/caddy/Caddyfile

Add following directives to add an HTTP server block.

http:// {
    root /var/www
    gzip
}

Create an index page for our website.

vi /var/www/index.html

add following code in this file.

<html>
<head><title>Hello World</title>
<body><h1>Hello World</h1></body>
</html>

Enable and start caddy.service.

systemctl enable --now caddy.service

Allow http service in CentOS 7 firewall.

firewall-cmd --permanent --add-service=http
firewall-cmd --reload

Open URL http://caddy-01.example.com in a web browser.

If configurations are correct then it will display the ‘Hello World’ webpage.

Configuring Automatic TLS on Caddy Web Server

Automatic TLS is the distinct feature of Caddy web server that distinguishes Caddy from other web servers.

If automatic TLS is configured, then Caddy web server automatically request and renew the TLS certificates from Let’s Encrypt (a free, automated and open certificate authority).

Edit Caddyfile to configure automatic TLS.

vi /etc/caddy/Caddyfile

and add another server block.

caddy-01.example.com {
    root /var/www
    gzip
    tls ahmer@example.com
}

Here,

caddy-01.example.com must be a registered domain and accessible over the Internet.
tls directive will inform the Caddy service to acquire a TLS certificate from Let’s Encrypt and start the service on default https port 443.

Allow https service in CentOS 7 firewall.

firewall-cmd --permanent --add-service=https
firewall-cmd --reload

Restart Caddy service to load changes.

systemctl restart caddy.service

Open URL https://caddy-01.example.com in a web browser.

If configurations are correct then it will display the same ‘Hello World’ webpage but over https protocol this time.

We have successfully installed Caddy web server on CentOS 7 and publish HTTP and HTTPS websites using Caddy.

FAQs

1. How do I install Caddy Server on CentOS 7?
Update your system packages with

sudo yum clean all 
sudo yum -y update

Then install Caddy by running

sudo curl https://getcaddy.com | bash -s personal

Verify installation by typing which caddy.

2. How do I set up Caddy as a system service on CentOS 7?
Create a caddy user with

sudo adduser -r -d /var/www -s /sbin/nologin caddy

Download the systemd service file using

curl -s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service -o /etc/systemd/system/caddy.service

edit it to set

User=caddy 
Group=caddy

then reload systemd and enable the service.

3. How do I configure the Caddyfile for CentOS 7?
Create or edit /etc/caddy/Caddyfile with your domain or IP and website root directory. For example:

http:// {  
  root /var/www  
  gzip  
}

This sets up HTTP on port 80 serving files from /var/www.

4. How do I start and enable the Caddy service?
Run following commands to start and enable Caddy to run on boot.

sudo systemctl start caddy 
sudo systemctl enable caddy

5. How do I open HTTP and HTTPS ports for Caddy on CentOS 7?
Use firewall-cmd to allow traffic:

sudo firewall-cmd --permanent --zone=public --add-service=http  
sudo firewall-cmd --permanent --zone=public --add-service=https  
sudo firewall-cmd --reload

This opens ports 80 and 443 for web traffic.

Final Thoughts

Installing Caddy Web Server on CentOS 7 can significantly simplify your web server management, offering automatic HTTPS, easy configuration, and modern features right out of the box. Whether you are a beginner or an experienced administrator, Caddy Server’s user-friendly design and powerful capabilities make it an excellent choice for your web hosting needs.

Need a dependable Linux system administrator? I specialize in managing, optimizing, and securing Linux servers to keep your operations running flawlessly. Check out my services!

Ensure your web server is secure and optimized with expert help. Contact me today!