Install Caddy web server on an Ubuntu 18.04 with Let’s Encrypt SSL

Posted on 300 views

In this article, we will cover the steps to install Caddy Web server on Ubuntu 18.04 and how to secure it with Let’s Encrypt SSL certificates. Caddy is an open-source, production-ready that is build to be fast, easy to use, and makes you more productive. Caddy is available for Windows, Mac, Linux, BSD, Solaris, and Android.

Features of Caddy Web Server

  • Easy configuration and management with the Caddyfile
  • It is secure – Has automatic HTTPS on by default (via Let’s Encrypt)
  • Cady uses HTTP/2 by default
  • Support multiple sites hosting by using Virtual hosting
  • TLS session ticket key rotation for more secure connections
  • Its functionalities can be extended with plugins
  • Works for both Dynamic and Static sites
  • Caddy has zero-downtime reloads
  • Caddy is written in Go and has no external dependencies – The binary is entirely self-contained and runs on every platform, including containers.

Install Caddy web server on an Ubuntu 18.04 LTS

You have two options to install Caddy Web server on Ubuntu 18.04 server.

  1. Download pre-built binary
  2. Build Caddy from source code

Installing Caddy web server on Ubuntu 18.04 from binary

The easiest method of installing Caddy web server on Ubuntu 18.04 is by downloading a ready binary file. Install caddy easily on Ubuntu 18,04 by running the command

curl | sudo bash -s personal

-s personal is used to specify that you’re using a personal license, for commercial use commercial.

Sample Output:

Downloading Caddy for linux/amd64 (personal license)...
Download verification OK
Putting caddy in /usr/local/bin (may require password)
Caddy 0.11.0 (non-commercial use only)
Successfully installed

Check binary location and version

# which caddy

# caddy -version
Caddy 0.11.0 (non-commercial use only)

Installing Caddy with Plugins

You can also install Caddy with Plugins you need, e.g to install the plugins:

  • http.cache
  • dns.cloudflare
  • http.ratelimit
  • http.git
  • http.hugo
  • http.upload
  • http.prometheus
  • http.filemanager
  • http.geoip
  • http.expires

You’ll run:

curl | bash -s personal http.cache,http.expires,http.filemanager,http.geoip,http.git,http.hugo,http.prometheus,http.ratelimit,http.upload,http.webdav,net,tls.dns.cloudflare

You can check a full list of Caddy Plugins

Give the caddy binary the ability to bind to privileged ports (e.g. 80, 443) as a non-root user:

sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy

Set up the user, group, and directories that will be needed:

sudo groupadd -g 33 www-data
sudo useradd \
  -g www-data --no-user-group \
  --home-dir /var/www --no-create-home \
  --shell /usr/sbin/nologin \
  --system --uid 33 www-data

sudo mkdir /etc/caddy
sudo chown -R root:root /etc/caddy
sudo mkdir /etc/ssl/caddy
sudo chown -R root:www-data /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddy

Create Caddy Systemd service unit

Install the systemd service unit configuration file, reload the systemd daemon.

sudo cp caddy.service /etc/systemd/system/
sudo chown root:root /etc/systemd/system/caddy.service
sudo chmod 644 /etc/systemd/system/caddy.service
sudo systemctl daemon-reload

Using Caddy Web Server – Host WordPress Website

We will consider an example to host a WordPress powered website using Caddy web server on Ubuntu 18.04.

To run WordPress website, you need PHP, Web server, and Database server

sudo apt -y update
sudo apt -y install php-fpm php-mysql php-curl php-gd php-mbstring php-common php-xml php-xmlrpc

Install and Configure MariaDB Database server

Install and configure MariaDB database server using:

Install MariaDB 10.x on Ubuntu 18.04 and CentOS 7

Once done, login as root user and create a database for WordPress

$ mysql -u root -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 520
Server version: 10.3.9-MariaDB-1:10.3.9+maria~bionic-log binary distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE wp_site;
Query OK, 1 row affected (0.001 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON wp_site.* to 'wp_user'@'localhost' IDENTIFIED BY 'StrongPassword';
Query OK, 0 rows affected (0.001 sec)

Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> quit

Download WordPress and Install

Now download WordPress and untar the archive

tar xvf latest.tar.gz

This will extract all content of the tarball to a folder named wordpress on your working directory.

Move the wordpress folder to /var/www directory

sudo mv wordpress /var/www

Change ownership permissions to userwww-data and group.

sudo chown -R www-data:www-data /var/www/wordpress

Configure WordPress database connection

mv /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php

Edit the file to configure

sudo vim /var/www/wordpress/wp-config.php

Set below variables

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wp_site');

/** MySQL database username */
define('DB_USER', 'wp_user');

/** MySQL database password */
define('DB_PASSWORD', 'StrongPassword');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

Configuring Caddy to Serve the WordPress Site

We have WordPress installation ready, we now need to configure Caddy Web server to serve our WordPress website. Start by creating a Caddy configuration file on /etc/caddy/Caddyfile

sudo vim /etc/caddy/Caddyfile

Add the content 
    tls [email protected]
    root /var/www/wordpress
    fastcgi / /run/php/php7.2-fpm.sock php
        if path not_match ^\/wp-admin
        to path path/ /index.php?query

Replace with your actual domain for WordPress website and [email protected] with an actual email address used to request Let’s Encrypt certificate. We’re using php-fpm via fastcgi to support php.

Start caddy service

sudo systemctl start caddy.service

If the start was successful, you should get a successful message:

# systemctl status caddy
● caddy.service - Caddy HTTP/2 web server
   Loaded: loaded (/etc/systemd/system/caddy.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2018-09-02 14:34:26 EAT; 7s ago
 Main PID: 32443 (caddy)
    Tasks: 12 (limit: 4704)
   CGroup: /system.slice/caddy.service
           └─32443 /usr/local/bin/caddy -log /var/log/caddy.log -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp

Sep 02 14:34:26 systemd[1]: Started Caddy HTTP/2 web server.
Sep 02 14:34:34 caddy[32443]: Activating privacy features... done.
Sep 02 14:34:34 caddy[32443]:
Sep 02 14:34:34 caddy[32443]: //

Access the WordPress dashboard by visiting. You should get initial wordpress setup page.



Provider username and password.



Thank you for reading our guide on how to Install Caddy web server on an Ubuntu 18.04 with Let’s Encrypt SSL. I like Caddy simplicity, robustness and the fact that it uses HTTPS by default. No routing and redirects needed to host your website.

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.