Matt Peperell's Blog

C is for 'Caddy'

Written: 03 Apr 2024 (Index by date)

Tags: a-to-z  (Index by tag)

A few months ago a friend introduced me to Caddy, a webserver. Why yet another one? Well, ultimately this one fits my needs better.

The huge benefit, compared to other webservers such as Apache httpd or nginx is that it supports native auto generation and renewal of SSL certs (either self-signed or via Let’s Encrypt). I know that LE certs can be automatically generated by other means, but having it done in-band is the big bonus for me.

My own site (the one you’re reading right now) has been hosted via Caddy since January 2023. The SSL site of things is so automated by Caddy, that the only configuration I need is, {
  log {
    output file /var/log/caddy/blog.json {
      role_keep 10
    format json

  handle {
    root * /var/www/blog/

The mere existence of a domain name (or several domains) to configure a site is enough for caddy to know to generate (and auto-renew) its SSL cert. No extra cronjobs needed.

Other than that, it does pretty much what one would expect from a webserver, including ability to proxy on to lower tiers (e.g. APIs, unix sockets, HA proxy etc). One extra thing that it provides but which I don’t use is an API, via which one can add new site configuration at run time. My raspberry pi running this site (and a couple of internal house-related services) does not need this functionality but it’s good to know it exists should I encounter a commercial project of a suitable size and shape for this to be relevant.

Have you ever use Caddy, or does this post tempt you to give it a try?

RSS RSS feed