# Installing Caddy Server
# Installation
Install curl if you don't already have it installed:

```bash
sudo apt install curl
```

Run the one-click install script provided by Caddy:

```bash
curl https://getcaddy.com | bash -s personal hook.service
```
# Configuration
Create and edit the Caddyfile:

```bash
cd ~
sudo touch Caddyfile
sudo nano Caddyfile
```

Copy and paste these settings:

```
# ~/Caddyfile
sub.example.tld {
    proxy / localhost:8000 {
        transparent
    }
}
```
Optional: If you want to bind to a unix socket, you can do so with the following:

```
# ~/Caddyfile
sub.example.tld {
    proxy / unix:/path/to/unix.sock {
        transparent
    }
}
```
Optional: If you want to redirect non-www to www, you can do so like this:

```
example.tld {
    redir https://www.example.tld{uri}
}
```
Optional: If you want to serve locally hosted static files, you can do so like this:

```
sub.example.tld/static {
    root /var/www/sub.example.tld/static
}
```
Test to make sure it is working:

```bash
cd ~
sudo caddy
```
# Optional: Using Cloudflare DNS
If you're using Cloudflare as a DNS provider with proxy turned on, Caddy will not be able to request/renew Let's Encrypt TLS certificates out of the box.
To cater for this, be sure to install Caddy with the `tls.dns.cloudflare` plugin:

```bash
curl https://getcaddy.com | bash -s personal hook.service,tls.dns.cloudflare
```
Next, edit the Caddyfile to include the `tls` directive:

```
# ~/Caddyfile
sub.example.tld {
    proxy / localhost:8000 {
        transparent
    }
    tls {
        dns cloudflare
    }
}
```
Next, head to Cloudflare to request a Global API Key and then export the following as environment variables:

```bash
export CLOUDFLARE_EMAIL=john@doe.com
export CLOUDFLARE_API_KEY=abc123
```
Tip: If you're running Caddy as a service, you may save the environment variables in a `.env` file instead:

```
# ~/.env
CLOUDFLARE_EMAIL=john@doe.com
CLOUDFLARE_API_KEY=abc123
```

Then specify the file when you run caddy: `caddy -envfile /path/to/file.env`.
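
The envfile holds the Cloudflare Global API Key in plain text, so it should be readable only by the account that runs Caddy. The following check is an added example, not part of the original guide or of Caddy itself; the helper name `check_envfile` is hypothetical. It verifies that the file is a regular file, grants nothing to group or other, and sets both variables.

```shell
#!/bin/sh
# Added example: audit an envfile such as ~/.env before passing it to
# `caddy -envfile`. check_envfile is a hypothetical helper, not a Caddy command.

check_envfile() {
    f=$1
    rc=0

    # Reject symlinks and anything that is not a regular file.
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "FAIL: $f is missing or not a regular file" >&2
        return 2
    fi

    # Characters 5-10 of the ls mode string are the group and other bits;
    # all six must be '-' (for example mode 600 or 400).
    perms=$(ls -ld -- "$f" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: $f is accessible to group/other; fix with: chmod 600 $f" >&2
        rc=1
    fi

    # Both variables from the section above must be present and non-empty.
    for key in CLOUDFLARE_EMAIL CLOUDFLARE_API_KEY; do
        if ! grep -Eq "^${key}=.+" "$f"; then
            echo "FAIL: $key is missing or empty in $f" >&2
            rc=1
        fi
    done

    [ "$rc" -eq 0 ] && echo "OK: $f"
    return "$rc"
}

# When run as a script with a path argument, audit that file.
if [ "$#" -gt 0 ]; then
    check_envfile "$1"
fi
```

Run it as `sh check_envfile.sh /path/to/file.env` (the script filename is an assumption) before installing the service; a non-zero exit status means the file needs fixing.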
# Optional: Test run before anything
To avoid consuming Let's Encrypt rate limit quotas, test caddy against the staging endpoint with the following command (preferably even before installing it as a service):

```bash
caddy -ca https://acme-staging-v02.api.letsencrypt.org/directory
```

Note: You may and should add extra options such as `-agree`, `-email`, `-conf`, and `-envfile` depending on your needs, in order to test that caddy can run with the right parameters.
# Optional: Convert to run as a service
Install caddy as a service:

```bash
sudo caddy -service install -agree -email user@example.com -conf /path/to/Caddyfile -envfile /path/to/file.env
```

Check that caddy is running:

```bash
sudo caddy -service start
sudo caddy -service status
```
# Optional: Increasing file descriptor limit
Increase the file descriptor limit from 1024 to 8192 by editing the `/etc/security/limits.conf` file:

```bash
sudo nano /etc/security/limits.conf
```

Add these two lines to the file:

```
# /etc/security/limits.conf
root soft nofile 8192
root hard nofile 8192
```

Tip: If you do not have root access, you should change `root` to `*` instead.