caddy

Start Caddy in the foreground

$ caddy run

$ caddy run --config [path/to/Caddyfile]

$ caddy start

$ caddy stop

$ caddy file-server --listen :[8000] --browse

$ caddy reverse-proxy --from :[80] --to localhost:[8000]

caddy [command] [flags]

Common usage examples:
caddy run [--config ] [--adapter ]
caddy start [--config ] [--adapter ]
caddy stop
caddy reload [--config ] [--adapter ]
caddy validate [--config ] [--adapter ]

--config
    Specifies the path to the Caddy configuration file (e.g., Caddyfile or JSON). If omitted, Caddy searches for a Caddyfile in standard locations.

--adapter
    Name of the config adapter to use if the config file is not JSON (e.g., 'caddyfile'). This tells Caddy how to parse the provided configuration.

--envfile
    Loads environment variables from the specified file before Caddy starts, useful for secrets or dynamic configuration.

--cpu
    Sets a CPU cap for Caddy as a percentage (e.g., '75' for 75% of one CPU core). Can be specified as a floating point number.

--watch
    Enables automatic configuration reloading when the config file changes. Primarily for development environments, not recommended for production.

--persistence-dir
    Sets the directory where Caddy stores persistent data, such as acquired certificates and keys, and OCSP staples.

--resume
    If true, Caddy will attempt to resume from the last saved configuration state before applying new ones, ensuring continuity.

--version
    Prints the Caddy version, architecture, and other build information, then exits.

--help
    Prints help information for the caddy command or a specific subcommand.

Caddy is an open-source, modern web server and reverse proxy written in Go, renowned for its automatic HTTPS capabilities. Unlike traditional web servers, Caddy leverages the ACME protocol to provision and renew SSL/TLS certificates from authorities like Let's Encrypt, ensuring secure connections with minimal configuration. It natively supports HTTP/2 and HTTP/3 (QUIC), providing high performance and efficiency. Caddy's primary configuration interface, the Caddyfile, is designed for simplicity and readability, allowing users to define complex site setups with ease. Beyond serving static files, Caddy excels as a reverse proxy, load balancer, API gateway, and even a file server. Its modular architecture supports a wide range of plugins, extending its functionality for various use cases. Caddy aims to make web serving more accessible and secure by default.

While Caddy significantly simplifies web serving, it relies on external services like Let's Encrypt for automatic HTTPS, requiring public internet access and properly configured DNS for domain validation. Complex configurations might still benefit from a deeper understanding of its Caddyfile language or native JSON configuration. For production environments, Caddy should be run as a background service, typically managed by systemd or similar service managers, to ensure proper startup, shutdown, and resource management.

Caddy's signature feature is its ability to automatically obtain and renew SSL/TLS certificates for your domains using the ACME (Automatic Certificate Management Environment) protocol. It transparently interacts with Certificate Authorities like Let's Encrypt to ensure your sites are always served over HTTPS, eliminating manual certificate management and enhancing security by default.

The Caddyfile is a simple, human-readable configuration language that Caddy natively understands. While Caddy's internal configuration is JSON, the Caddyfile acts as a powerful and convenient adapter, allowing users to define server blocks, routes, and directives with minimal syntax, making complex setups straightforward and accessible for beginners.

Caddy was initially created by Matt Holt, with its first public release in 2015, quickly gaining traction for its groundbreaking automatic HTTPS feature, which significantly lowered the barrier to entry for securing websites. Version 1 established its reputation for simplicity and security. A major rewrite, Caddy 2, was released in 2020. This second iteration, also written in Go, introduced a more robust and modular architecture, a powerful new JSON configuration interface (with the Caddyfile acting as a popular adapter), and expanded capabilities as a general-purpose application server, API gateway, and reverse proxy. Its development continues to focus on performance, security, and ease of use.

nginx(8), apache2(8), systemd(1), systemctl(1), certbot(1)