How to Install Caddy Webserver on Ubuntu 24.04

Updated on July 25, 2024
How to Install Caddy Webserver on Ubuntu 24.04 header image

Introduction

Caddy is an open-source web server that supports static and modern web applications using predefined configuration rules with automatic HTTPS enabled for all linked domain names. Written in GO, Caddy offers user-friendly configuration directives that enable you to either use it as a web server, reverse proxy, or load balancer to serve web applications on your server.

This article explains how to install the Caddy web server on Ubuntu 24.04 and securely serve web applications on the server.

Prerequisites

Before you begin:

Install Caddy

Caddy is not available in the default Ubuntu 24.04 APT repositories but can be installed from source files or by adding the latest repository information on your server. Follow the steps below to download the latest Caddy repository information and install the application on your server.

  1. Add the latest Caddy GPG Key to your server.

    console
    $ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
    
  2. Add the Caddy repository to your APT sources.

    console
    $ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
    
  3. Update the server package index.

    console
    $ sudo apt update
    
  4. Install Caddy.

    console
    $ sudo apt install caddy
    
  5. View the installed Caddy version to verify that the installation is successful.

    console
    $ caddy -v
    

    Output:

    v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=
  6. Allow incoming connections to the HTTP port 80 through the firewall.

    console
    $ sudo ufw allow 80
    
  7. Restart the firewall to apply changes.

    console
    $ sudo ufw reload
    
  8. Access your server IP to test access to the Caddy web server.

    http://SERVER-IP

    Confirm that the default Caddy webpage displays in your browser.

    default-caddy-webpage

Manage the Caddy System Service

  1. Enable Caddy to start at boot time.

    console
    $ sudo systemctl enable caddy
    
  2. Start the Caddy web server.

    console
    $ sudo systemctl start caddy
    
  3. View the Caddy system service status to verify that the application is running.

    console
    $ sudo systemctl status caddy
    

    Output:

    ● caddy.service - Caddy
         Loaded: loaded (/usr/lib/systemd/system/caddy.service; enabled; preset: enabled)
         Active: active (running) since Mon 2024-06-10 14:46:16 UTC; 8min ago
           Docs: https://caddyserver.com/docs/
       Main PID: 30024 (caddy)
          Tasks: 7 (limit: 1061)
         Memory: 11.7M (peak: 13.9M)
            CPU: 138ms
         CGroup: /system.slice/caddy.service
                 └─30024 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Create a Caddy Virtual Host

Caddy stores configuration files in the /etc/caddy directory by default and supports Caddyfile configurations from any location on your server. Follow the steps below to create a new Caddy virtual host to serve web application files from the /var/www/example.com directory on your server.

  1. Create the /var/www/example.com web application files directory.

    console
    $ sudo mkdir -p /var/www/example.com
    
  2. Create a new HTML application file index.html.

    console
    $ sudo nano /var/www/example.com/index.html
    
  3. Add the following code to the file.

    html
    <html>
    <head>
        <title>Greetings from Vultr!</title>
    </head>
    <body>
        <br>
        <br>
        <br>
        <h1 align="center">Hello World!, Greetings from Vultr</h1>
    </body>
    </html>
    

    Save and close the file.

  4. Switch to the Caddy configuration files directory.

    console
    $ cd /etc/caddy/
    
  5. Back up the default Caddyfile configuration.

    console
    $ sudo mv Caddyfile Caddyfile.default
    
  6. Create a new Caddyfile configuration.

    console
    $ sudo nano Caddyfile
    
  7. Add the following configurations to the file.

    ini
    example.com {
            tls admin@example.com
            root * /var/www/example.com
            file_server {
                index index.html
            }
            log {
            output file /var/log/caddy/example.log
            format console
            }
    }
    

    Save and exit the file.

    The above Caddy configuration creates a new virtual host using your domain example.com. Within the configuration:

    • example.com: Creates a new virtual host profile using your IP address or domain.
    • tls: Specifies the email address to associate with Let's Encrypt SSL certificate generation requests.
    • root: Sets the virtual host web application files directory.
    • file_server: Enables the web application file server. Within the directive, index specifies the default file to serve when your domain is accessed.
    • log: Enables logging of access and error details to a specific file such as /var/log/caddy/example.log.
  8. Test the Caddy configuration for errors.

    console
    $ caddy validate
    

    Output:

    ...........
    2024/06/1 15:19:11.478 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0000e5300"}
    2024/06/1 15:19:11.478 INFO    tls.cache.maintenance   stopped background certificate maintenance      {"cache": "0xc0000e5300"}
    Valid configuration
  9. Reload the Caddy web server to apply your configuration changes.

    console
    $ sudo caddy reload
    

Secure the Caddy Web Server

Caddy uses automatic HTTPS to secure all connections using SSL certificates on virtual host profiles with valid domains on your server. Follow the steps below to secure the Caddy web server by limiting access to the Caddyfile configurations from unintended or unauthorized user changes.

  1. Grant the Caddy user full privileges to the /etc/caddy directory.

    console
    $ sudo chown -R caddy:caddy /etc/caddy
    
  2. Grant the Caddy user read and write permissions to the Caddyfile while disabling access for other system users.

    console
    $ sudo chmod 660 /etc/caddy/Caddyfile
    
  3. Long list the /etc/caddy directory to verify the permission changes.

    console
    $ ls -l /etc/caddy/
    

    Output:

    total 8
    -rw-rw---- 1 caddy caddy 168 Jun 2 15:20 Caddyfile
    -rw-r--r-- 1 caddy caddy 769 Jun  2 12:07 Caddyfle.default

Set Up Firewall Rules

Caddy uses the HTTP port 80 and HTTPS port 443 depending on your Caddyfile configurations to serve files on the server. Follow the steps below to allow all the Caddy ports through the firewall and enable network connections to the web server.

  1. View the UFW status and verify that it's active.

    console
    $ sudo ufw status
    

    If the status is inactive, allow the SSH port 22 and enable UFW.

    console
    $ sudo ufw allow 22 && sudo ufw enable
    
  2. Allow incoming connections to the HTTP port 80.

    console
    $ sudo ufw allow 80
    
  3. Allow incoming connections to the HTTPS port 443.

    console
    $ sudo ufw allow 443
    
  4. Reload the firewall to apply changes

    console
    $ sudo ufw reload
    
  5. Access your domain using a browser such as Chrome to verify that Caddy serves your virtual host web application fils.

    https://example.com

    If you receive a connection error, view the Caddy configuration logs to verify the error details.

    a-caddy-virtual-host-web-application

Conclusion

You have installed the Caddy web server on an Ubuntu 24.04 server and set up a virtual host profile to serve web application files on the server. Visit the Caddy documentation for more information and configuration options.