Install and Configure Caddy Web Server on Ubuntu 22.04

Caddy is an open-source web server developed with Go. It is designed to host both static and dynamic web applications and automatically provides HTTPS for all configured domains. Thanks to its straightforward configuration, it can be used as a web server, reverse proxy, or load balancer with minimal effort.

This guide explains how to install the Caddy web server on Ubuntu 22.04 and securely serve applications from your server.

Prerequisites

Before starting, make sure you have the following:

• An Ubuntu 22.04 server.
• A domain name with an A record pointing to the server’s IP address.
• SSH access to the server as a non-root user with sudo privileges.

Install Caddy

Follow these steps to add the Caddy repository and install the application on your server.

Add the Caddy GPG Key

Import the latest Caddy GPG key to your server:

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg

Add the Caddy Repository

Next, add the Caddy repository to your APT sources:

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list

Update the Package Index

Refresh the package index on your server:

sudo apt update

Install Caddy

Install Caddy with the following command:

sudo apt install caddy

Verify the Installation

Check the installed version to confirm that the installation completed successfully:

caddy -v

Example Output:

v2.9.1 h1:OEYiZ7DbCzAWVb6TNEkjRcSCRGHVoZsJinoDR/n9oaY=

Configure the Firewall

Allow incoming connections to HTTP port 80:

sudo ufw allow 80

Reload the firewall to apply the changes:

sudo ufw reload

Now open your browser and visit:

http://SERVER-IP

The default Caddy welcome page should appear.

Manage the Caddy System Service

Enable the Caddy service to start automatically at boot:

sudo systemctl enable caddy

Start the Caddy web server:

sudo systemctl start caddy

Check the status of the Caddy service to confirm it is running:

sudo systemctl status caddy

Example Output:

● caddy.service - Caddy
     Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2025-04-06 09:20:18 UTC; 4min 10s ago
       Docs: https://caddyserver.com/docs/
   Main PID: 3015 (caddy)
      Tasks: 9 (limit: 9415)
     Memory: 10.9M
     CGroup: /system.slice/caddy.service
             └─3015 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Create a Caddy Virtual Host

By default, Caddy keeps its configuration in /etc/caddy, but it can read a Caddyfile from any path. Use the steps below to create a new virtual host that serves files from /var/www/example.com.

Create the web root directory

sudo mkdir -p /var/www/example.com

Create an index page

sudo nano /var/www/example.com/index.html

Add the following HTML

    
    


    



Hello World! Greetings from centron
 

Save the file and exit the editor.

Move to the Caddy config directory

cd /etc/caddy/

Back up the default Caddyfile

sudo mv Caddyfile Caddyfile.default

Create a new Caddyfile

sudo nano Caddyfile

Paste this configuration

example.com {
        tls admin@example.com

        root * /var/www/example.com

        file_server {
                index index.html
        }

        log {
                output file /var/log/caddy/example.log
                format console
        }
}

Save your changes and close the file.

What this configuration does

• example.com: Declares a virtual host for your domain or server IP.
• tls: Sets the contact email used for Let’s Encrypt certificate requests.
• root: Points to the directory that holds your web content.
• file_server: Enables static file serving and sets the default index file.
• log: Writes access and error logs to /var/log/caddy/example.log using console formatting.

Validate and reload Caddy

Check for syntax issues, then apply the new configuration:

sudo caddy validate

sudo caddy reload

Secure the Caddy Web Server

Caddy automatically provisions HTTPS for valid domains. To further protect your setup, lock down the Caddy configuration so unauthorized users cannot modify it.

Grant ownership of the config directory to the Caddy user

sudo chown -R caddy:caddy /etc/caddy

Restrict Caddyfile permissions

Give read/write access to the Caddy user and deny access to others:

sudo chmod 660 /etc/caddy/Caddyfile

Verify permissions

ls -l /etc/caddy/

Output:

total 8
-rw-rw---- 1 caddy caddy 168 Jun 2 15:20 Caddyfile
-rw-r--r-- 1 caddy caddy 769 Jun  2 12:07 Caddyfle.default

Set Up Firewall Rules

Depending on your Caddyfile, Caddy serves via HTTP (80) and HTTPS (443). Allow these through the firewall to enable access to your site.

Check UFW status

sudo ufw status

If UFW is inactive, enable it and allow SSH

sudo ufw allow 22 && sudo ufw enable

Allow HTTPS traffic

sudo ufw allow 443

Reload UFW

sudo ufw reload

Open your browser and visit your domain to confirm the virtual host is being served:

https://example.com

If you encounter a connection issue, inspect the Caddy logs to identify the error.

Conclusion

In this section, you set up the Caddy web server on Ubuntu 22.04 and created a virtual host configuration to serve your web app files. Refer to the Caddy documentation for additional options and advanced configuration examples.