Saturday, September 24, 2022

Install and Configure Caddy on Centos 7

In this article, we want to teach you How To Install and Configure Caddy on Centos 7.

Caddy is an open-source web server platform designed to be simple, easy to use, and secure.

It is written in Go with zero dependencies, Caddy is easy to download and runs on almost every platform that Go compiles on.

By default, Caddy comes with support for automatic HTTPS by provisioning and renewing certificates through Let’s Encrypt.

Caddy is the only one to provide these features out of the box, and it also comes with automatic redirection of HTTP traffic to HTTPS.

How To Install and Configure Caddy on Centos 7

To install the Caddy web server on your Centos 7, you need some requirements first.

Requirements

First, you need to log in to your server as a non-root user with sudo privileges. To do this, you can follow our article the Initial Server Setup with Centos 7.

Then, you need to set up a basic firewall. To do this, you can check our article Set up a Firewall with firewalld on Centos 7.

Also, you need a domain name that pointed to your server’s IP address. This is necessary for Caddy to obtain an SSL certificate for the website.

Now follow the steps below to set up Caddy on Centos 7.

Set up Caddy Web Server on Centos 7

First, you need to install the Caddy server’s binary files on Centos 7 with the command below:

curl -s https://getcaddy.com | bash

Then, you can verify the Caddy binary file’s location:

which caddy

In your output, you will see that the Caddy binary can be found in /usr/local/bin/caddy.

Next, you need to create a user and group for the Caddy.

Here we named our user Caddy. You can choose your desired name.

To create a user, run the command below:

sudo adduser -r -d /var/www -s /sbin/nologin caddy

At this point, you need to create the necessary directories.

Create a directory that will house the main Caddyfile with the following command:

sudo mkdir /etc/caddy

Set the correct ownership of this directory:

sudo chown -R root:caddy /etc/caddy

Now in this directory create an empty file named Caddyfile that you will edit later:

sudo touch /etc/caddy/Caddyfile

You need to create another directory to store the SSL private keys and certificates:

sudo mkdir /etc/ssl/caddy

Set the correct ownership of this directory:

sudo chown -R caddy:root /etc/ssl/caddy

Also, set the correct permissions for it:

sudo chmod 0770 /etc/ssl/caddy

The final directory you need to create is the one where the website itself will be published:

sudo mkdir /var/www

And set the correct ownership for it:

sudo chown caddy:caddy /var/www

Install and Configure Caddy Web Server

As you know, Caddy doesn’t install itself as a service, the project provides an official systemd unit file.

First, download the file from the official Caddy repository and save the file in the /etc/systemd/system/ directory and make it visible to systemd.

sudo curl -s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service -o /etc/systemd/system/caddy.service

Then, open the file with your favorite text editor, here we use vi:

sudo vi /etc/systemd/system/caddy.service

Find the lines below and change the values to Caddy as shown below:

; User and group the process will run as.
User=caddy
Group=caddy

When you are done, save and close the file.

To apply the new changes, reload the systemd with the command below:

sudo systemctl daemon-reload

Enable the Caddy to run on boot on Centos 7 with the following command:

sudo systemctl enable caddy.service

Now your service is loaded and enabled on your server but it is not running. You need to make some configurations.

Caddy uses HTTP and HTTPS protocols, so you need to allow traffic on HTTP and HTTPS ports through the firewall on Centos 7 with the commands below:

$ sudo firewall-cmd --permanent --zone=public --add-service=http
$ sudo firewall-cmd --permanent --zone=public --add-service=https

Then, reload the firewall to apply the new rules:

sudo firewall-cmd --reload

At this point, you need to create a test page that will display a plain Hello World message with the command below:

echo '<h1>Hello World!</h1>' | sudo tee /var/www/index.html

This command will create an index.html file in the website directory we created earlier with just one line of text, <h1>Hello World!</h1>, inside.

Next, open the Caddyfile that you have created before with your favorite text editor, here we use vi:

sudo vi /etc/caddy/Caddyfile

Add the following content to the file:

http:// {
root /var/www
gzip
}

When you are done, save and close the file.

Note:

  • The root directive tells Caddy where the website files are located. In our example, it’s /var/www, where we created the test page.
  • The gzip directive tells Caddy to use Gzip compression to make the website faster.

Now you can start your Caddy service on Centos 7 with the following command:

sudo systemctl start caddy

Here you can access your Caddy test page by typing your server’s IP address in your web browser to see the Hello World! website.

http://your-server-ip

Secure Caddy on Centos 7

One of the main features that distinguish Caddy from other web servers is its ability to automatically request and renew TLS certificates from Let’s Encrypt.

You can easily do it with a little change on the Caddyfile.

Open the file again with your text editor:

sudo vi /etc/caddy/Caddyfile

Replace the address definition  http:// with your domain. And provide Caddy with an email address using the tls directive inside the server block.

example.com {
root /var/www
gzip
tls [email protected]
}

When you are done, save and close the file.

To apply the changes, restart Caddy on Centos 7:

sudo systemctl restart caddy

Now can access your Caddy test page again with:

https://example.com

Conclusion

At this point, you learn to install and configure Caddy on Centos 7. Also, you learn to secure your Caddy website.

Hope you enjoy it.

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles