Install Caddy web server on an Ubuntu 18.04 with Let’s Encrypt SSL
In this article, we will cover the steps to install Caddy Web server on Ubuntu 18.04 and how to secure it with Let’s Encrypt SSL certificates. Caddy is an open-source, production-ready that is build to be fast, easy to use, and makes you more productive. Caddy is available for Windows, Mac, Linux, BSD, Solaris, and Android.
Features of Caddy Web Server
- Easy configuration and management with the Caddyfile
- It is secure — Has automatic HTTPS on by default (via Let’s Encrypt)
- Cady uses HTTP/2 by default
- Support multiple sites hosting by using Virtual hosting
- TLS session ticket key rotation for more secure connections
- Its functionalities can be extended with plugins
- Works for both Dynamic and Static sites
- Caddy has zero-downtime reloads
- Caddy is written in Go and has no external dependencies — The binary is entirely self-contained and runs on every platform, including containers.
Install Caddy web server on an Ubuntu 18.04 LTS
You have two options to install Caddy Web server on Ubuntu 18.04 server.
- Download pre-built binary
- Build Caddy from source code
Installing Caddy web server on Ubuntu 18.04 from binary
The easiest method of installing Caddy web server on Ubuntu 18.04 is by downloading a ready binary file. Install caddy easily on Ubuntu 18,04 by running the command
curl https://getcaddy.com | sudo bash -s personal-s personal is used to specify that you’re using a personal license, for commercial use commercial.
Sample Output:
Downloading Caddy for linux/amd64 (personal license)...
Download verification OK
Extracting...
Putting caddy in /usr/local/bin (may require password)
Caddy 0.11.0 (non-commercial use only)
Successfully installedCheck binary location and version
# which caddy
/usr/local/bin/caddy
# caddy -version
Caddy 0.11.0 (non-commercial use only)Installing Caddy with Plugins
You can also install Caddy with Plugins you need, e.g to install the plugins:
- http.cache
- dns.cloudflare
- http.ratelimit
- http.git
- http.hugo
- http.upload
- http.prometheus
- http.filemanager
- http.geoip
- http.expires
You’ll run:
curl https://getcaddy.com | bash -s personal http.cache,http.expires,http.filemanager,http.geoip,http.git,http.hugo,http.prometheus,http.ratelimit,http.upload,http.webdav,net,tls.dns.cloudflareYou can check a full list of Caddy Plugins
Give the caddy binary the ability to bind to privileged ports (e.g. 80, 443) as a non-root user:
sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddySet up the user, group, and directories that will be needed:
sudo groupadd -g 33 www-data
sudo useradd \
-g www-data --no-user-group \
--home-dir /var/www --no-create-home \
--shell /usr/sbin/nologin \
--system --uid 33 www-data
sudo mkdir /etc/caddy
sudo chown -R root:root /etc/caddy
sudo mkdir /etc/ssl/caddy
sudo chown -R root:www-data /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddyCreate Caddy Systemd service unit
Install the systemd service unit configuration file, reload the systemd daemon.
wget https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service
sudo cp caddy.service /etc/systemd/system/
sudo chown root:root /etc/systemd/system/caddy.service
sudo chmod 644 /etc/systemd/system/caddy.service
sudo systemctl daemon-reloadUsing Caddy Web Server — Host WordPress Website
We will consider an example to host a WordPress powered website using Caddy web server on Ubuntu 18.04.
To run WordPress website, you need PHP, Web server, and Database server
sudo apt -y update
sudo apt -y install php-fpm php-mysql php-curl php-gd php-mbstring php-common php-xml php-xmlrpcInstall and Configure MariaDB Database server
Install and configure MariaDB database server using:
Install MariaDB 10.x on Ubuntu 18.04 and CentOS 7
Once done, login as root user and create a database for WordPress
$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 520
Server version: 10.3.9-MariaDB-1:10.3.9+maria~bionic-log mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE wp_site;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON wp_site.* to 'wp_user'@'localhost' IDENTIFIED BY 'StrongPassword';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> quit
ByeDownload WordPress and Install
Now download WordPress and untar the archive
wget http://wordpress.org/latest.tar.gz
tar xvf latest.tar.gzThis will extract all content of the tarball to a folder named wordpress on your working directory.
Move the wordpress folder to /var/www directory
sudo mv wordpress /var/wwwChange ownership permissions to userwww-data and group.
sudo chown -R www-data:www-data /var/www/wordpressConfigure WordPress database connection
mv /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.phpEdit the file to configure
sudo vim /var/www/wordpress/wp-config.phpSet below variables
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wp_site');
/** MySQL database username */
define('DB_USER', 'wp_user');
/** MySQL database password */
define('DB_PASSWORD', 'StrongPassword');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');Configuring Caddy to Serve the WordPress Site
We have WordPress installation ready, we now need to configure Caddy Web server to serve our WordPress website. Start by creating a Caddy configuration file on /etc/caddy/Caddyfile
sudo vim /etc/caddy/CaddyfileAdd the content
example.com
tls domain-admin@example.com
root /var/www/wordpress
gzip
fastcgi / /run/php/php7.2-fpm.sock php
rewrite
if path not_match ^\/wp-admin
to path path/ /index.php?queryReplace example.com with your actual domain for WordPress website and domain-admin@example.com with an actual email address used to request Let’s Encrypt certificate. We’re using php-fpm via fastcgi to support php.
Start caddy service
sudo systemctl start caddy.serviceIf the start was successful, you should get a successful message:
# systemctl status caddy
● caddy.service - Caddy HTTP/2 web server
Loaded: loaded (/etc/systemd/system/caddy.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2018-09-02 14:34:26 EAT; 7s ago
Docs: https://caddyserver.com/docs
Main PID: 32443 (caddy)
Tasks: 12 (limit: 4704)
CGroup: /system.slice/caddy.service
└─32443 /usr/local/bin/caddy -log /var/log/caddy.log -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
Sep 02 14:34:26 wp.computingforgeeks.com systemd[1]: Started Caddy HTTP/2 web server.
Sep 02 14:34:34 wp.computingforgeeks.com caddy[32443]: Activating privacy features... done.
Sep 02 14:34:34 wp.computingforgeeks.com caddy[32443]: https://wp.computingforgeeks.com
Sep 02 14:34:34 wp.computingforgeeks.com caddy[32443]: //wp.computingforgeeks.comAccess the WordPress dashboard by visiting.https://example.com You should get initial wordpress setup page.
Provider username and password.
Thank you for reading our guide on how to Install Caddy web server on an Ubuntu 18.04 with Let’s Encrypt SSL. I like Caddy simplicity, robustness and the fact that it uses HTTPS by default. No routing and redirects needed to host your website.
