29.8 C
Texas
angeloma
Senior Writer and partner

How to install Caddy web server on Rocky Linux 8 / AlmaLinux 8 / CentOS 8?

Hello, friends. We have talked about webservers a few times, but we still need to learn how to install Caddy web server on RockyLinux 8 / AlmaLinux 8 / CentOS 8 so let’s go for it.

Caddy is the HTTP/2 web server with automatic HTTPS. That’s the description they give us on their website. It is a lightweight, commercially supported web server that can acquire and renew SSL/TLS certificates automatically using Let’s Encrypt.

Among its most outstanding features are:

  • Easy configuration with the Caddyfile.
  • Automatic HTTPS on by default (via Let’s Encrypt)
  • HTTP/2 by default. In other words, this is important to maintain the security of our websites.
  • Virtual hosting so multiple sites just work.
  • Experimental QUIC support for cutting-edge transmissions.
  • TLS session ticket key rotation for more secure connections.
  • Extensible with plugins because a convenient web server is a helpful one.
  • Runs anywhere with no external dependencies.

As can be seen, it is an interesting and practical web server. It comes to add to the list that already conforms to the veteran Apache and Nginx.

Install Caddy web server on RockyLinux 8 / AlmaLinux 8 / CentOS 8

- Advertisement -

The installation of the Caddy web server is really easy, but first, we have to upgrade the operating system.

sudo dnf update

After that, we can install Caddy by enabling a special repository with these two commands.

sudo dnf install 'dnf-command(copr)'
sudo dnf copr enable @caddy/caddy

Now you can install Caddy by running

sudo dnf install caddy

You can check the installed version with command:

caddy version
v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=

Configuring Caddy Web Server

Normally you have a Firewall running, so you have to enable ports 80 and 443 on it. Now at the system level, you can do it using these commands:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https

And to apply the changes, restart the firewall

sudo systemctl reload firewalld

After this, you have to enable and start the Caddy service

sudo systemctl enable --now caddy

Then, you can check the status of the service

sudo systemctl status caddy
● caddy.service - Caddy
   Loaded: loaded (/usr/lib/systemd/system/caddy.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2021-08-10 21:44:18 CEST; 4s ago
     Docs: https://caddyserver.com/docs/
 Main PID: 1418 (caddy)
    Tasks: 6 (limit: 12117)
   Memory: 22.0M
   CGroup: /system.slice/caddy.service
           └─1418 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Aug 10 21:44:18 osradar caddy[1418]: JOURNAL_STREAM=9:26184
Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9095478,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter">Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9125738,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_or>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9126773,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS wi>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9130268,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/au>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.913065,"msg":"serving initial configuration"}
Aug 10 21:44:18 osradar systemd[1]: Started Caddy.
Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.913603,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache">Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.913627,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.loc>Aug 10 21:44:18 osradar caddy[1418]: {"level":"info","ts":1628624658.9136415,"logger":"tls","msg":"finished cleaning storage units"}

Now yes, open a web browser you trust and go to http:your-server and you will see the following

1.- Caddy web server on RockyLinux 8 / AlmaLinux 8 / CentOS 8
1.- Caddy web server on RockyLinux 8 / AlmaLinux 8 / CentOS 8

So, Caddy web server is installed and running.

Creating a new site on Caddy web server

This step is the equivalent of a VirtualHost on Apache or a ServerBlock on Nginx. So, create the directory dedicated to your site.

sudo mkdir -p /var/www/osradar.test/html

In my case, I called it osradar.test but you can call it whatever you want.

Also, create a directory dedicated to the logs.

sudo mkdir /var/log/caddy

Make the user caddy the owner of both folders.

sudo chown caddy:caddy /var/www/osradar.test/html -R
sudo chown caddy:caddy /var/log/caddy

Now create an index.html file in your new site directory.

sudo nano /var/www/osradar.test/html/index.html

And add some code

<!DOCTYPE html>
<html>
<head>
<title>Hi</title>
</head>
<body>
<h1>Welcome to Osradar</h1>
</body>
</html>

Save the changes and close the editor.

Now in the main Caddy configuration file. comment out the few lines there and at the end add the following

sudo nano /etc/caddy/Caddyfile
osradar.test {
    root * /var/www/osradar.test/html
    file_server
    encode gzip

    log {
        output file /var/log/caddy/osradar.test.log
    }

    @static {
        file
        path *.ico *.css *.js *.gif *.jpg *.jpeg *.png *.svg *.woff *.pdf *.webp
    }
    header @static Cache-Control max-age=5184000

    tls [email protected]
}

Save the changes

Validate the configuration file

caddy validate --adapter caddyfile --config /etc/caddy/Caddyfile

If the on-screen output results in a warning, you can fix it by running

caddy fmt --overwrite /etc/caddy/Caddyfile

To apply the changes, restart the Caddy service.

sudo systemctl restart caddy

So, enjoy it.

Conclusion

Caddy is a solid alternative to Apache and Nginx that even serves as a Reverse Proxy. So, in this post, you learned how to install and tune it on Rocky Linux.

I recommend you consult the extensive official documentation of the application.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article