How to Install Caddy Webserver on Ubuntu 24.04
Introduction
Caddy is an open-source web server that supports static and modern web applications using predefined configuration rules with automatic HTTPS enabled for all linked domain names. Written in GO, Caddy offers user-friendly configuration directives that enable you to either use it as a web server, reverse proxy, or load balancer to serve web applications on your server.
This article explains how to install the Caddy web server on Ubuntu 24.04 and securely serve web applications on the server.
Prerequisites
Before you begin:
Deploy an Ubuntu 24.04 server instance on Vultr.
Create a domain name A record pointing to the server IP address.
Access the server using SSH.
Create a non-root account with sudo privileges and switch to the account.
Install Caddy
Caddy is not available in the default Ubuntu 24.04 APT repositories but can be installed from source files or by adding the latest repository information on your server. Follow the steps below to download the latest Caddy repository information and install the application on your server.
Add the latest Caddy GPG Key to your server.
console$ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
Add the Caddy repository to your APT sources.
console$ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
Update the server package index.
console$ sudo apt update
Install Caddy.
console$ sudo apt install caddy
View the installed Caddy version to verify that the installation is successful.
console$ caddy -v
Output:
v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=Allow incoming connections to the HTTP port
80through the firewall.console$ sudo ufw allow 80
Restart the firewall to apply changes.
console$ sudo ufw reload
Access your server IP to test access to the Caddy web server.
http://SERVER-IPConfirm that the default Caddy webpage displays in your browser.
Manage the Caddy System Service
Enable Caddy to start at boot time.
console$ sudo systemctl enable caddy
Start the Caddy web server.
console$ sudo systemctl start caddy
View the Caddy system service status to verify that the application is running.
console$ sudo systemctl status caddy
Output:
● caddy.service - Caddy Loaded: loaded (/usr/lib/systemd/system/caddy.service; enabled; preset: enabled) Active: active (running) since Mon 2024-06-10 14:46:16 UTC; 8min ago Docs: https://caddyserver.com/docs/ Main PID: 30024 (caddy) Tasks: 7 (limit: 1061) Memory: 11.7M (peak: 13.9M) CPU: 138ms CGroup: /system.slice/caddy.service └─30024 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
Create a Caddy Virtual Host
Caddy stores configuration files in the /etc/caddy directory by default and supports Caddyfile configurations from any location on your server. Follow the steps below to create a new Caddy virtual host to serve web application files from the /var/www/example.com directory on your server.
Create the
/var/www/example.comweb application files directory.console$ sudo mkdir -p /var/www/example.com
Create a new HTML application file
index.html.console$ sudo nano /var/www/example.com/index.html
Add the following code to the file.
html<html> <head> <title>Greetings from Vultr!</title> </head> <body> <br> <br> <br> <h1 align="center">Hello World!, Greetings from Vultr</h1> </body> </html>
Save and close the file.
Switch to the Caddy configuration files directory.
console$ cd /etc/caddy/
Back up the default Caddyfile configuration.
console$ sudo mv Caddyfile Caddyfile.default
Create a new Caddyfile configuration.
console$ sudo nano Caddyfile
Add the following configurations to the file.
iniexample.com { tls admin@example.com root * /var/www/example.com file_server { index index.html } log { output file /var/log/caddy/example.log format console } }
Save and exit the file.
The above Caddy configuration creates a new virtual host using your domain
example.com. Within the configuration:example.com: Creates a new virtual host profile using your IP address or domain.tls: Specifies the email address to associate with Let's Encrypt SSL certificate generation requests.root: Sets the virtual host web application files directory.file_server: Enables the web application file server. Within the directive,indexspecifies the default file to serve when your domain is accessed.log: Enables logging of access and error details to a specific file such as/var/log/caddy/example.log.
Test the Caddy configuration for errors.
console$ caddy validate
Output:
........... 2024/06/1 15:19:11.478 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0000e5300"} 2024/06/1 15:19:11.478 INFO tls.cache.maintenance stopped background certificate maintenance {"cache": "0xc0000e5300"} Valid configurationReload the Caddy web server to apply your configuration changes.
console$ sudo caddy reload
Secure the Caddy Web Server
Caddy uses automatic HTTPS to secure all connections using SSL certificates on virtual host profiles with valid domains on your server. Follow the steps below to secure the Caddy web server by limiting access to the Caddyfile configurations from unintended or unauthorized user changes.
Grant the Caddy user full privileges to the
/etc/caddydirectory.console$ sudo chown -R caddy:caddy /etc/caddy
Grant the Caddy user read and write permissions to the Caddyfile while disabling access for other system users.
console$ sudo chmod 660 /etc/caddy/Caddyfile
Long list the
/etc/caddydirectory to verify the permission changes.console$ ls -l /etc/caddy/
Output:
total 8 -rw-rw---- 1 caddy caddy 168 Jun 2 15:20 Caddyfile -rw-r--r-- 1 caddy caddy 769 Jun 2 12:07 Caddyfle.default
Set Up Firewall Rules
Caddy uses the HTTP port 80 and HTTPS port 443 depending on your Caddyfile configurations to serve files on the server. Follow the steps below to allow all the Caddy ports through the firewall and enable network connections to the web server.
View the UFW status and verify that it's active.
console$ sudo ufw status
If the status is
inactive, allow the SSH port22and enable UFW.console$ sudo ufw allow 22 && sudo ufw enable
Allow incoming connections to the HTTP port
80.console$ sudo ufw allow 80
Allow incoming connections to the HTTPS port
443.console$ sudo ufw allow 443
Reload the firewall to apply changes
console$ sudo ufw reload
Access your domain using a browser such as Chrome to verify that Caddy serves your virtual host web application fils.
https://example.comIf you receive a connection error, view the Caddy configuration logs to verify the error details.
Conclusion
You have installed the Caddy web server on an Ubuntu 24.04 server and set up a virtual host profile to serve web application files on the server. Visit the Caddy documentation for more information and configuration options.