Caddy Web Server On FreeBSD

freebsd caddy web server

Caddy is an open-source, middleware, secure, HTTP/2-enabled webserver written in Go programming language that has been created in 2015. Caddy configuration and initiation is so simple and clear. Caddy lets you create an HTTPS-enabled website in 5 seconds. Beside of this ease of use, the SSL certificate costs you nothing.
Caddy supports HTTP/2 and automatic TLS encryption. HTTP/2 is an HTTP protocol successor that can load websites faster.
Caddy automatically gets an SSL key and then serves your website securely. Caddy integrated with Let’sEncrypt, a certificate authority that provides free TLS/SSL certificates.
Caddy supports a variety of Web technologies and is available as statically-compiled binaries for Windows, Mac, Linux, Android, and BSD operating systems on i386, amd64, and ARM architectures.
A variety of web site technologies can be served by Caddy, which can also act as a reverse proxy and load balancer. Most of Caddy’s features are implemented as middleware and exposed through directives in the Caddyfile (a text file used to configure Caddy).
Caddy is not vulnerable to a number of widespread CVEs including Heart-bleed, DROWN, POODLE, and BEAST. In addition, Caddy uses TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.

Caddy Features

• HTTP/2 enabled
• SNI
• OCSP Stapling
• Virtual hosting
• Native IPv4 and IPv6 support
• Serve static files
• Graceful restart/reload
• Reverse proxy
• Load balancing with health checks
• FastCGI proxy • Templates
• Markdown rendering
• CGI via WebSockets
• Gzip compression
• Basic access authentication
• URL rewriting
• Redirects
• File browsing
• Access, error, and process logs
• QUIC Support

How to Install Caddy in FreeBSD 11.1?

To install caddy all you have to do is:
# pkg install caddy
You can simply issue “caddy -h” to get how to use caddy:
# caddy -h
-agree
Agree to the CA’s Subscriber Agreement
-ca string
URL to certificate authority’s ACME server directory (default “https://acme-v01.api.letsencrypt.org/directory")
-catimeout duration
Default ACME CA HTTP timeout
-conf string
Caddyfile to load (default “Caddyfile”)
-cpu string
CPU cap (default “100%”)
-disable-http-challenge
Disable the ACME HTTP challenge
-disable-tls-sni-challenge
Disable the ACME TLS-SNI challenge
-email string
Default ACME CA account email address
-grace duration
The maximum duration of graceful shutdown (default 5s)
-host stringDefault host
-http-port string
Default port to use for HTTP (default “80”)
-http2
Use HTTP/2 (default true)
-https-port string
Default port to use for HTTPS (default “443”)
-log string
Process log file
-pidfile string
The path to writing the pid file
-plugins
List installed plugins
-port string
Default port (default “2015”)
-quic
Use experimental QUIC
-quiet
Quiet mode (no initialization output)
-revoke string
The hostname for which to revoke the certificate
-root string
The root path of the default site (default “.”)
-type string
Type of server to run (default “HTTP”)
-validate
Parse the Caddyfile but do not start the server
-version
Show version

Caddy Configuration

First, we create a directory and name it caddy:
# mkdir caddy
Then copy your index.html into it:
# cp index.html ./caddy/index.html
Then go to this directory and issue caddy command:
# caddy -host corebox.ir -cpu 50% -log log.txt -agree

Activating privacy features... done.  
https://corebox.ir  
http://corebox.ir  

Then we can open “corebox.ir” in the browser. The point is caddy automatically activate SSL key.

You can get full edition at:
https://contents.meetbsd.ir/ebook/caddy_bsdmag.pdf
Or:
https://bsdmag.org/download/caddy-web-server-on-freebsd/


enter image description here