sponsored by users like you
-- Caddy is free software and relies on sponsorships to survive. They aren't just donations: they ensure ongoing development and provide your business with tangible benefits! -
- See sponsorships +All you need for TLS and PKI
++ Caddy is not only the world leader in certificate automation, it is also a fully-featured certificate authority for your own internal PKI. +
+ ++ Caddy 2 is a highly extensible, self-hosted platform on which you can build, configure, and deploy long-running services ("apps"). +
++ Caddy ships with apps for an HTTPS server (static files, reverse proxying, load balancing, etc.), TLS certificate manager, and fully-managed internal PKI. Caddy apps collaborate to make complex infrastructure just work with fewer moving parts. +
++ For example, the config shown here keeps your TLS certificates renewed for other programs to use; no external tools or HTTP daemon required! +
++ Providing a unified configuration, on-line config API, and automatic documentation for all apps, Caddy is nearly infinitely extensible. Thanks to its unique modular architecture, we can offer unlimited features without bloating the code base. +
+{
+ "apps": {
+ "tls": {
+ "certificates": {
+ "automate": [
+ "example.com",
+ "sub.example.com",
+ "example.net"
+ ]
+ }
+ }
+ }
+}- A truly forward-thinking reverse proxy + A forward-thinking reverse proxy
Caddy's proxy was designed to be as forward-compatible as possible and has major batteries included: load balancing, active and passive health checks, dynamic upstreams, retries, pluggable transports, and of course, best-in-class TLS security.
-Proxy HTTP, FastCGI, WebSockets, and more
-- Capable of proxying HTTP and HTTPS, but also WebSockets, gRPC, FastCGI (usually PHP), and more! The underlying transport module is extensible for any custom way to generate an HTTP response. -
-Dynamic backends
-- Provide Caddy with a static list of backends or enable a module to retrieve backends dynamically during each request: ideal for rapidly changing environments. Caddy flows with your infrastructure! -
-High availability
-- Caddy comes with a whole suite of high availability (HA) features: advanced health checking, graceful (hitless) config changes, circuit breaking, load limiting, on-line retries, and more. The best part? It's all free. No enterprise-level paywalls. -
+ + +Proxy HTTP, FastCGI, WebSockets, and more
++ Capable of proxying HTTP and HTTPS, but also WebSockets, gRPC, FastCGI (usually PHP), and more! The underlying transport module is extensible for any custom way to generate an HTTP response. +
+Dynamic backends
++ Provide Caddy with a static list of backends or enable a module to retrieve backends dynamically during each request: ideal for rapidly changing environments. Caddy flows with your infrastructure! +
+High availability
++ Caddy comes with a whole suite of high availability (HA) features: advanced health checking, graceful (hitless) config changes, circuit breaking, load limiting, on-line retries, and more. The best part? It's all free. No enterprise-level paywalls. +
+example.com
+
+# Serve PHP sites
+handle /blog/* {
+ root * /var/www/wordpress
+ php_fastcgi localhost:9000
+ file_server
+}
+
+# Proxy an autoscaling API with dynamic backends
+reverse_proxy /api/* {
+ dynamic srv _api._tcp.example.com
+}
+
+# Proxy a compute-heavy distributed service
+# with load balancing and health checks
+reverse_proxy /service/* {
+ to 192.168.1.1 192.168.1.2 192.168.1.3
+ lb_policy least_conn
+ lb_try_duration 10s
+ fail_duration 5s
+}
+
+# Proxy everything else to an HTTPS upstream
+reverse_proxy https://service.example.com {
+ header_up Host {upstream_hostport}
+}
+ software assurance
@@ -289,19 +373,20 @@ See sponsorships
- 
-
- Sean Lin
- Example product manager
-
+
+
+
+ Sean Lin
+ Example product manager
+
+ Serving static files is a tried-and-true method of delivering sites to numerous clients efficiently. Caddy has a robust file server that can be combined with other middleware features for the ultimate effortless website.
-Compression
++ Caddy can compress files on-the-fly or serve precompressed files for extra performance. Caddy is also the first web server to support Zstandard encoding. +
+Virtual file systems
++ Serve your static site from anything: the local file system, remote cloud storage, a database, or even embedded in the server binary! +
+Range requests, Etags, and more
++ Unlike many ad-hoc file servers intended for temporary local development, Caddy fully supports Range requests, Etags, and a full production feature set. +
+Directory file browser
++ If a directory without an index file is requested, Caddy can show an elegant file browser with breadcrumb nav, file size visualizations, filetype icons, and a grid view. +
+example.com
+
+root * /var/www
+
+# Serve precompressed files if present
+file_server /downloads/* {
+ precompressed gzip zstd br
+}
+
+# Compress everything else that would benefit
+encode zstd gzip
+
+# Get files from a database
+file_server /database/* {
+ fs sqlite data.sql
+}
+
+# Get files from within the Caddy binary
+file_server /embedded/* {
+ fs embedded
+}
+
+# (Range/Etag/etc. all work without extra config)
+
+# Serve static site with directory listings as needed
+file_server browse
+ Compression
-- Caddy can compress files on-the-fly or serve precompressed files for extra performance. Caddy is also the first web server to support Zstandard encoding. -
+
Virtual file systems
-- Serve your static site from anything: the local file system, remote cloud storage, a database, or even embedded in the server binary! -
-Range requests, Etags, and more
-- Unlike many simpler file servers intended for temporary local development, Caddy fully supports Range requests, Etags, and a full production feature set. -
-Directory file browser
-- If a directory without an index file is requested, Caddy can show an elegant file browser with breadcrumb nav, file size visualizations, filetype icons, and a grid view. -
+
- Flexible configuration for all workflows + Flexible configuration compatible with any workflow
Configure your server your way. Caddy's native configuration format is JSON, but with Caddy's config adapters, you can use any config format you prefer. All configuration is posted through a RESTful admin API, and Caddy's CLI helps you work with config files easily.
-$ caddy start --config caddy.json
+
+$ curl localhost:2019/id/my_handler \
+ -X PATCH \
+ -H "Content-Type: application/json" \
+ -d '{
+ "handler": "static_response",
+ "body": "Work smarter, not harder."
+ }'
+
+$ curl localhost:2019/config/ | jq
+ JSON config API
++ Caddy's native config format is JSON, giving you incredible power and flexibility for automated, large-scale deployments. +
+ Make dynamic config changes through an intuitive, programmable REST API that offers ACID guarantees. It is also safely scoped, meaning that the URI path restricts changes, making it impossible to accidentally alter other parts of your config. +
+ + +Caddyfile
++ Most people prefer to use a Caddyfile because it lets you get a production-ready site up and running in just a few hand-written lines. It's not uncommon for Caddyfiles to be just ~15% the size of a less-capable nginx config! +
+caddyserver.com
+
+root * src
+
+file_server
+templates
+encode zstd gzip
+
+redir /docs/json /docs/json/
+rewrite /docs/json/* /docs/json/index.html
+rewrite /docs/* /docs/index.html
+
+reverse_proxy /api/* localhost:9002
+ $ caddy run \
+ --config nginx.conf \
+ --adapter nginx
+ Config adapters
++ Power Caddy with anything, even NGINX config files! +
++ With first-class support for config adaptation, you can configure your web server with your favorite format: YAML, TOML, CUE, NGINX, HCL, Dhall, JSON with comments, or even a MySQL database. The Caddyfile is a built-in config adapter. +
+ + +- Caddy is the only server in the world with such a novel modular architecture. At its core, Caddy is a configuration manager that runs apps like an HTTP server, internal certificate authority, TLS certificate manager, process supervisor, and more. + Caddy is the only server in the world with its novel, modular architecture. At its core, Caddy is a configuration manager that runs apps like an HTTP server, internal certificate authority, TLS certificate manager, process supervisor, and more.
- And because of its unique design, all these features are freely available without bloating the software: only compile in what you need. + And because of its unique design, all these features are freely available without bloating the software. Only compile in what you need.
Dynamically provision certificates
+Unlimited power
- With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Nearly every part of the config that "does something" is pluggable. Caddy offers so much in such a lean package.
Dynamically provision certificates
+Native CPU performance
- With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + No RPC calls or flimsy dependency management. Plugins are compiled into the static binary, making successful deployments certain and runtimes blazing fast.
Dynamically provision certificates
+Easy to develop
- With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Writing Caddy plugins is as easy as writing a Go package.
Sponsorships benefit businesses and the community
- With sponsorships, we don't have to limit functionality. Your business meets—and exceeds—its product support requirements at lower costs. And the technology stays truly open source. Everyone wins. + With sponsorships, we don't have to restrict functionality or instances. Your business exceeds its product support requirements at lower costs, and can scale indefinitely. And the technology stays truly open source. Everyone wins.