In this tutorial, we will show you how to install the Caddy Web Server on CentOS 7. For those of you who didn’t know, the Caddy web server is an open-source, and security-focused web server written in Go. Caddy includes modern features such as support for virtual hosts, minification of static files, and HTTP/2.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Caddy Web Server on a CentOS 7 server.
Prerequisites
- A server running one of the following operating systems: CentOS 7.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Caddy Features
- Automatic HTTPS.
- Easy Deployment.
- Multi-core.
- WebSockets.
- Rewrites & Redirects.
- Virtual Hosts.
Install Caddy Web Server on CentOS 7
Step 1. First, let’s start by ensuring your system is up-to-date.
yum clean all yum -y update
Step 2. Installing Caddy web server on CentOS 7.
Install Caddy is quick and easy with run the following command:
curl https://getcaddy.com | bash
After the script finishes, you can run the following command to see where is your Caddy’s binary file:
which caddy
Your output should be like the below:
/usr/local/bin/caddy
Step 3. Setting Up Necessary Directories.
Next, create the directories where we will store the Caddy configuration file Caddyfile and SSL certificates:
mkdir /etc/caddy chown -R root:caddy /etc/caddy touch /etc/caddy/Caddyfile mkdir /etc/ssl/caddy chown -R caddy:root /etc/ssl/caddy chmod 0770 /etc/ssl/caddy mkdir /var/www chown caddy:caddy /var/www
Step 4. Installing Caddy as a System Service.
We also need to create a new SystemD configuration script:
cd /etc/systemd/system/ nano caddy.service
Add the following line:
[Unit] Description=Caddy HTTP/2 web server Documentation=https://caddyserver.com/docs After=network-online.target Wants=network-online.target systemd-networkd-wait-online.service [Service] Restart=on-failure StartLimitInterval=86400 StartLimitBurst=5 ; User and group the process will run as. User=caddy Group=caddy ; Letsencrypt-issued certificates will be written to this directory. Environment=CADDYPATH=/etc/ssl/caddy ; Always set "-root" to something safe in case it gets forgotten in the Caddyfile. ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp ExecReload=/bin/kill -USR1 $MAINPID ; Limit the number of file descriptors; see `man systemd.exec` for more limit settings. LimitNOFILE=1048576 ; Unmodified caddy is not expected to use more than that. LimitNPROC=64 ; Use private /tmp and /var/tmp, which are discarded after caddy stops. PrivateTmp=true ; Use a minimal /dev PrivateDevices=true ; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys. ProtectHome=true ; Make /usr, /boot, /etc and possibly some more folders read-only. ProtectSystem=full ; … except /etc/ssl/caddy, because we want Letsencrypt-certificates there. ; This merely retains r/w access rights, it does not add any new. Must still be writable on the host! ReadWriteDirectories=/etc/ssl/caddy ; The following additional security directives only work with systemd v229 or later. ; They further retrict privileges that can be gained by caddy. Uncomment if you like. ; Note that you may have to add capabilities required by any plugins in use. ;CapabilityBoundingSet=CAP_NET_BIND_SERVICE ;AmbientCapabilities=CAP_NET_BIND_SERVICE ;NoNewPrivileges=true [Install] WantedBy=multi-user.target
Set the owner and permissions:
chown root:root /etc/systemd/system/caddy.service chmod 644 /etc/systemd/system/caddy.service
At last, execute the following commands to enable Caddy to run on boot:
systemctl enable caddy systemctl start caddy
Step 5. Creating Test Web Page and a Caddyfile.
For testing purposes, we will create a test HTML file:
mkdir -p /var/www/my-domain.com echo "Caddy" > /var/www/idroot.us/index.html chown -R www-data: /var/www/my-domain.com
Next, add our domain to the Caddy configuration file:
nano /etc/caddy/Caddyfile
Add the following line:
my-domain.com {
root /var/www/idroot.us
}
Save the file and exit the editor. To apply the changes, restart Caddy:
systemctl restart caddy.service
Now, with a web browser, just go to https://my-domain.com, and you will see our test page!
Congratulations! You have successfully installed Caddy. Thanks for using this tutorial for installing the Caddy web server in CentOS 7 system. For additional help or useful information, we recommend you to check the official Caddy web server website.
