HugeServer Knowledgebase

How to Install Caddy on CentOS 7


Caddy is one of the next generation modern web servers written in GO language that’s why the binaries are entirely self-contained and can be run on every platform. These are some of the benefits of the Caddy:

  • Caddy is very lightweight and has low resource requirements.
  • Configuration is very simple.
  • Supports HTTP/2.0
  • Caddy is the only web server that uses HTTPS by default.
  • It’s very fast for processing static content.

In this tutorial, we are going to install and configure Caddy and make it run as a service.
We are assuming that you have root permission, otherwise, you may start commands with “sudo”.

Download Caddy binaries

Run the following script, it will download Caddy binary and put them in your executable PATH:

curl | bash

You  can run the following command to see where is your Caddy’s binary file:

which caddy

Your output should be like below:


Creating Caddy Service

Caddy does not install itself as a service which means it doesn’t start automatically during reboots, in the following steps we are going to create a dedicated user for Caddy and place the configuration files in the proper places and set their ownerships permissions.

If you didn’t download the binary file with the root user you have to modify the binary file permission with the commands below:

chown root:root /usr/local/bin/caddy

chmod 755 /usr/local/bin/caddy

With the command below you will give the binary the ability to bind the privileged ports:

setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy

Now it’s time to set up user and group for Caddy:

groupadd caddy
useradd \
> -g caddy \
> --home-dir /var/www --no-create-home \
> --shell /usr/sbin/nologin \
> --system caddy

We have to create some directories and set their permissions and owner as well.

Execute the commands below to create the main directory of Caddy (which you are going to store your configuration files) and set the proper permission:

mkdir /etc/caddy

chown -R root:caddy /etc/caddy

Make the SSL directory to store your SSL configurations:

mkdir /etc/ssl/caddy

chown -R caddy:root /etc/ssl/caddy

chmod 770 /etc/ssl/caddy

Place the “Caddyfile” in the proper directory appropriate ownership and permission:

touch /etc/caddy/Caddyfile

chown caddy:caddy /etc/caddy/Caddyfile

chmod 444 /etc/caddy/Caddyfile

Create the Home directory for Caddy and set the permission and ownership:

mkdir /var/www

chown -R caddy:caddy /var/www

chmod -R 555 /var/www

At last, we can create the “caddy.service” file, Switch to the following directory:

cd /etc/systemd/system/

Create a new file named “caddy.service”

nano caddy.service

Paste the following configuration then save and exit:

Description=Caddy HTTP/2 web server
Documentation= systemd-networkd-wait-online.service


; User and group the process will run as.

; Letsencrypt-issued certificates will be written to this directory.

; Always set "-root" to something safe in case it gets forgotten in the Caddyfile.
ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
ExecReload=/bin/kill -USR1 $MAINPID

; Limit the number of file descriptors; see `man systemd.exec` for more limit settings.
; Unmodified caddy is not expected to use more than that.

; Use private /tmp and /var/tmp, which are discarded after caddy stops.
; Use a minimal /dev
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
; Make /usr, /boot, /etc and possibly some more folders read-only.
; … except /etc/ssl/caddy, because we want Letsencrypt-certificates there.
;   This merely retains r/w access rights, it does not add any new. Must still be writable on the host!

; The following additional security directives only work with systemd v229 or later.
; They further retrict privileges that can be gained by caddy. Uncomment if you like.
; Note that you may have to add capabilities required by any plugins in use.


Set the owner and permissions:

chown root:root /etc/systemd/system/caddy.service

chmod 644 /etc/systemd/system/caddy.service

Restart “systemd” to take effect:

systemctl daemon-reload

Now you can use your Caddy as a service with the commands below:

systemctl enable caddy

systemctl start caddy

systemctl status caddy

Simple Configuration of Caddy

Now that you created your Caddy’s service it’s time for you to configure your Caddy to actually serve something on your standard HTTP port (80)

In order to do that, we have to write some configuration in our Caddyfile which placed in “/etc/caddy/”

nano /etc/caddy/Caddyfile

With the configuration below you will make Caddy run on port 80 and set the “/var/www” as the document root (make sure to replace the red area with your Public IP address or your Domain name):

root /var/www

Save and exit.

Restart your Caddy with the command below:

systemctl restart caddy

Switch to document root with the command below:

cd /var/www

Make an “index.html” file for the test with the command below:

nano index.html

Put the following code in it then save and exit:

Hello world!

Now you can see your IP or your Domain name trough a browser and see your Hello to the world!
You can visit Caddy official website for more information and news!

Was this tutorial helpful?

Thank you for your vote.Thank you for your vote.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *