Hello, friends. We have talked about webservers a few times, but we still need to learn how to install Caddy web server on RockyLinux 8 / AlmaLinux 8 / CentOS 8 so let’s go for it.
Caddy is the HTTP/2 web server with automatic HTTPS. That’s the description they give us on their website. It is a lightweight, commercially supported web server that can acquire and renew SSL/TLS certificates automatically using Let’s Encrypt.
Among its most outstanding features are:
- Easy configuration with the Caddyfile.
- Automatic HTTPS on by default (via Let’s Encrypt)
- HTTP/2 by default. In other words, this is important to maintain the security of our websites.
- Virtual hosting so multiple sites just work.
- Experimental QUIC support for cutting-edge transmissions.
- TLS session ticket key rotation for more secure connections.
- Extensible with plugins because a convenient web server is a helpful one.
- Runs anywhere with no external dependencies.
As can be seen, it is an interesting and practical web server. It comes to add to the list that already conforms to the veteran Apache and Nginx.
Install Caddy web server on RockyLinux 8 / AlmaLinux 8 / CentOS 8
The installation of the Caddy web server is really easy, but first, we have to upgrade the operating system.
sudo dnf update
After that, we can install Caddy by enabling a special repository with these two commands.
sudo dnf install 'dnf-command(copr)' sudo dnf copr enable @caddy/caddy
Now you can install Caddy by running
sudo dnf install caddy
You can check the installed version with command:
caddy version v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=
Configuring Caddy Web Server
Normally you have a Firewall running, so you have to enable ports 80 and 443 on it. Now at the system level, you can do it using these commands:
sudo firewall-cmd --permanent --add-service=http sudo firewall-cmd --permanent --add-service=https
And to apply the changes, restart the firewall
sudo systemctl reload firewalld
After this, you have to enable and start the Caddy service
sudo systemctl enable --now caddy
Then, you can check the status of the service
sudo systemctl status caddy
● caddy.service - Caddy
Loaded: loaded (/usr/lib/systemd/system/caddy.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2021-08-10 21:44:18 CEST; 4s ago
Docs: https://caddyserver.com/docs/
Main PID: 1418 (caddy)
Tasks: 6 (limit: 12117)
Memory: 22.0M
CGroup: /system.slice/caddy.service
└─1418 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
Aug 10 21:44:18 osradar caddy[1418]: JOURNAL_STREAM=9:26184
Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9095478,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter">Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9125738,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_or>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9126773,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS wi>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9130268,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/au>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.913065,"msg":"serving initial configuration"}
Aug 10 21:44:18 osradar systemd[1]: Started Caddy.
Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.913603,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache">Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.913627,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.loc>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9136415,"logger":"tls","msg":"finished cleaning storage units"}
Now yes, open a web browser you trust and go to http:your-server and you will see the following
So, Caddy web server is installed and running.
Creating a new site on Caddy web server
This step is the equivalent of a VirtualHost on Apache or a ServerBlock on Nginx. So, create the directory dedicated to your site.
sudo mkdir -p /var/www/osradar.test/html
In my case, I called it osradar.test but you can call it whatever you want.
Also, create a directory dedicated to the logs.
sudo mkdir /var/log/caddy
Make the user caddy the owner of both folders.
sudo chown caddy:caddy /var/www/osradar.test/html -R sudo chown caddy:caddy /var/log/caddy
Now create an index.html file in your new site directory.
sudo nano /var/www/osradar.test/html/index.html
And add some code
<!DOCTYPE html> <html> <head> <title>Hi</title> </head> <body> <h1>Welcome to Osradar</h1> </body> </html>
Save the changes and close the editor.
Now in the main Caddy configuration file. comment out the few lines there and at the end add the following
sudo nano /etc/caddy/Caddyfile
osradar.test {
root * /var/www/osradar.test/html
file_server
encode gzip
log {
output file /var/log/caddy/osradar.test.log
}
@static {
file
path *.ico *.css *.js *.gif *.jpg *.jpeg *.png *.svg *.woff *.pdf *.webp
}
header @static Cache-Control max-age=5184000
tls [email protected]
}
Save the changes
Validate the configuration file
caddy validate --adapter caddyfile --config /etc/caddy/Caddyfile
If the on-screen output results in a warning, you can fix it by running
caddy fmt --overwrite /etc/caddy/Caddyfile
To apply the changes, restart the Caddy service.
sudo systemctl restart caddy
So, enjoy it.
Conclusion
Caddy is a solid alternative to Apache and Nginx that even serves as a Reverse Proxy. So, in this post, you learned how to install and tune it on Rocky Linux.
I recommend you consult the extensive official documentation of the application.
