Install and Configure the Caddy Web Server on Debian 10

Updated by Linode Contributed by Linode

Contribute on GitHub

Report an Issue | View File | Edit File

Caddy is a fast, open-source, and security-focused web server written in Go. Caddy includes modern features such as support for virtual hosts, minification of static files, and HTTP/2. Caddy is also the first web-server that can obtain and renew SSL/TLS certificates automatically using Let’s Encrypt.

Before You Begin

  1. Familiarize yourself with our Getting Started guide and complete the steps for setting your Linode’s hostname and timezone.

  2. Complete the sections of our Securing Your Server guide to create a standard user account, harden SSH access, and remove unnecessary network services.

  3. Register (purchase) your site’s domain name and follow our DNS Manager Overview guide to point the domain to your Linode.

  4. Update your system:

    sudo apt-get update && sudo apt-get upgrade
    

Install Caddy

  1. Install Caddy. This will install Caddy version 1.0.4. along with the hook.service plugin, which gives you access to a systemd unit file that you can use to manage Caddy as a systemd service. See their downloads page for more information on available Caddy versions.

    curl https://getcaddy.com | bash -s personal hook.service
    

    Caddy will be installed to your /usr/local/bin/caddy directory.

    Note
    To learn about Caddy licensing, please read their blog post on the topic. In 2017, commercial use of Caddy and their binaries required a license, however, they have recently updated their licensing and commercial licenses are no longer required for their use.

Add Web Content

In this section, you will create the necessary directories to host your website files, set their correct permissions, and add a basic index file to your example site.

Note
Throughout this section, replace all instances of example.com with your own domain.
  1. Set up a document root for your website. A document root is the directory where your website files are stored.

    sudo mkdir -p /var/www/example.com
    
  2. Change your site’s document root to be owned by the www-data user.

    sudo chown -R www-data:www-data /var/www/example.com
    
  3. Create a test index page for your site. Replace example.com with your own domain.

    sudo touch /var/www/example.com/index.html
    
  4. Add the example html to your site’s index.

    sudo echo '<!doctype html><head><title>Caddy Test Page</title></head><body><h1>Hello, World!</h1></body></html>' | sudo tee /var/www/example.com/index.html
    

Configure the Caddyfile

Now that you have your website’s document root set up with example content, you are ready to configure Caddy to serve your website files to the internet. This section will create a basic Caddy configuration, which will automatically enable HTTPS using Let’s Encrypt.

  1. Create a directory to store Caddy’s configuration files:

    sudo mkdir -p /etc/caddy
    
  2. Update the directory’s owner to be the web server user, www-data.

    sudo chown -R www-data:www-data /etc/caddy
    
  3. Using the text editor of your choice, create and edit the Caddyfile to serve your example site. The Caddyfile is Caddy’s main configuration file. Replace example.com with your own domain.

    /etc/caddy/Caddyfile
    1
    2
    3
    4
    
    example.com {
        root /var/www/example.com
    }
          
  4. Install Caddy as a systemd service:

    sudo caddy -service install
    
  5. Start the Caddy service:

    sudo systemctl start caddy
    
  6. Verify that the service is active:

    sudo systemctl status caddy
    

    You should see a similar output:

      
    ● caddy.service - Caddy's service
       Loaded: loaded (/etc/systemd/system/caddy.service; enabled; vendor preset: enabled)
       Active: active (running) since Thu 2020-03-05 14:56:45 EST; 9s ago
     Main PID: 19505 (caddy)
        Tasks: 10 (limit: 4659)
       CGroup: /system.slice/caddy.service
               └─19505 /usr/local/bin/caddy
    
    Mar 05 14:56:45 example_hostname systemd[1]: Started Caddy's service.
    Mar 05 14:56:45 example_hostname caddy[19505]: Activating privacy features... done.
    Mar 05 14:56:45 example_hostname caddy[19505]: Serving HTTP on port 2015
    Mar 05 14:56:45 example_hostname caddy[19505]: http://:2015
    
    
  7. Tell Caddy where to look for your Caddyfile, replace [email protected] with your email address:

    caddy -agree -conf /etc/caddy/Caddyfile -email [email protected] &
    

    Caddy will automatically serve your site over HTTPS using Let’s Encrypt.

      
    Activating privacy features...
    
    2020/03/05 13:31:25 [INFO] acme: Registering account for [email protected]
    2020/03/05 13:31:25 [INFO] [example.com] acme: Obtaining bundled SAN certificate
    2020/03/05 13:31:26 [INFO] [example.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3180082162
    2020/03/05 13:31:26 [INFO] [example.com] acme: Could not find solver for: tls-alpn-01
    2020/03/05 13:31:26 [INFO] [example.com] acme: use http-01 solver
    2020/03/05 13:31:26 [INFO] [example.com] acme: Trying to solve HTTP-01
    2020/03/05 13:31:26 [INFO] [example.com] Served key authentication
    2020/03/05 13:31:26 [INFO] [example.com] Served key authentication
    2020/03/05 13:31:26 [INFO] [example.com] Served key authentication
    2020/03/05 13:31:36 [INFO] [example.com] Served key authentication
    2020/03/05 13:31:40 [INFO] [example.com] The server validated our request
    2020/03/05 13:31:40 [INFO] [example.com] acme: Validations succeeded; requesting certificates
    2020/03/05 13:31:41 [INFO] [example.com] Server responded with a certificate.
    done.
    
    Serving HTTPS on port 443
    https://example.com
    
    Serving HTTP on port 80
    http://example.com
        
    
  8. Open a web browser and visit your domain. You should see the contents of the index.html page that you created in Step 4 of the Add Web Content section.

Join our Community

Find answers, ask questions, and help others.

comments powered by Disqus

This guide is published under a CC BY-ND 4.0 license.