Caddy is a free, security-focused, HTTP/2-enabled web server written in Go, designed to be simple, efficient, and portable. It offers modern capabilities such as virtual host support, reverses proxy functionality, and so on. Furthermore, Caddy is the first web server to automatically obtain and renew SSL/TLS certificates using Letโs Encrypt.
Caddyโs popularity has skyrocketed in the last few years due to its ease of use, speed, and native SSL support. So, it is quickly becoming the web server of choice for many developers and system administrators.
If youโre new to Caddy setup and management, this process can seem daunting, but donโt worry โ weโve made it easy for you. By following the steps in this guide, youโll be able to quickly and easily get your Caddy server up and running with PHP 8 support on Rocky Linux 9 or AlmaLinux 9 to make setting up your website a breeze. So, letโs get to work.
Prerequisites
Youโll need access to a Rocky Linux 9 or AlmaLinux 9 server to complete this guide. In addition, all commands shown are run by a regular user with sudo execution permissions. Therefore, you should own one.
Of course, you can skip the sudo portion of the commands and run them directly as a root user. The result will be the same in both cases.
Additionally, if you use a firewall on the server, make sure it does not block ports 80 and 443.
sudo firewall-cmd --permanent --add-service={http,https}
sudo firewall-cmd --reload
If you are concerned about dealing with firewalld, our comprehensive guide will come in handy.
Step 1: Enable COPR Repository
The Caddy web server is unavailable in the default Rocky or Alma repositories. However, it can be installed via the COPR (Cool Other Package Repo) repository. So, letโs add it first.
sudo dnf install 'dnf-command(copr)'Code language: JavaScript (javascript)
Then enable it by answering “Y” after executing the following command:
sudo dnf copr enable @caddy/caddyCode language: CSS (css)
Step 2: Install Caddy Web Server on Rocky Linux 9 / AlmaLinux 9
Install the Caddy web server:
sudo dnf install caddy
You will be prompted to accept the COPR repository GPG key during installation. Answer “Y” and hit “Enter.”
Step 3: Enable and Start Caddy’s Service
Once the Caddy is installed, enable auto-start and start the service.
sudo systemctl enable caddy
sudo systemctl start caddyYou can check the status of the Caddy service by running the following:
sudo systemctl status caddyThe result should be as shown below.
Now, point your browser to the domain Caddy will serve, and Caddyโs default web page will welcome you. Weโll use the temporarily created subdomain โcaddy.tmplinux.comโ for this guide. Of course, replace it with the one for your case.
You will be greeted by the Caddy web server’s default page.
As you can see, Caddy is up and running and working as expected. In the following steps, we will add PHP support, create a virtual host for our domain, and automatically obtain a free SSL Letโs Encrypt certificate.
Step 4: Install PHP 8 on Rocky Linux 9 / AlmaLinux 9
To add PHP support to the Caddy web server, you must install and use PHP-FPM to execute PHP files. So, to install it alongside several most widely used PHP modules, type the command below, and when prompted, enter โYโ to confirm.
sudo dnf install php-fpm php-mysqlnd php-gd php-cli php-curl php-mbstring php-bcmath php-zip php-opcache php-xml php-json php-intl
Then, open the “/etc/php-fpm.d/www.conf” file:
sudo vim /etc/php-fpm.d/www.confFind and change the following three lines from that:
user = apache
group = apache
listen.acl_users = apache,nginxTo this:
user = caddy
group = caddy
listen.acl_users = apache,nginx,caddyThe final result should look like this:
Finally, save and exit the file, then enable the PHP-FPM service to start on the system boot and start it:
sudo systemctl enable php-fpm
sudo systemctl start php-fpmStep 5: Configure Caddy to Use PHP and SSL
Before proceeding, create the directory in which your website files will be housed. In other words, the one youโll point Caddy to for your websiteโs root directory. For example, โ/srv/www/caddy.โ
sudo mkdir -p /srv/www/caddyIf youโre using SELinux, you need to change the file security context for this directory.
sudo chcon -t httpd_sys_content_t /srv/www/caddy -R
sudo chcon -t httpd_sys_rw_content_t /srv/www/caddy -RWeโve reached the most enjoyable portion of the process, where the Caddy web server shines in all its glory – the configuration. System administrators who are used to the complexities of Apache or Nginx configurations will be fascinated. In addition, the ease with which you can set up Caddy with PHP support and automatic SSL certificate issuance on your Rocky Linux 9 or AlmaLinux 9 system is remarkable.
Open the Caddy configuration file, โCaddyfile,โ using your preferred text editor, remove all lines and add the following ones. Donโt be worried if you need help understanding what theyโre for. Iโll explain in more detail below.
sudo vim /etc/caddy/Caddyfilecaddy.tmplinux.com {
root * /srv/www/caddy
tls [email protected]
encode gzip zstd
php_fastcgi unix//run/php-fpm/www.sock
}Code language: JavaScript (javascript)The final result should look like this:
caddy.tmplinux.com: The domain name that the Caddy web server will serve. Replace it with the one you use.root * /srv/www/caddy: The full path to the root directory containing your website files.tls [email protected]: Instructs Caddy to automatically issue a free Letโs Encrypt SSL certificate, and the e-mail address to which notifications intended for the owner will be sent is specified.encode gzip zstd: Specifies the use of compression for fast performance.php_fastcgi unix//run/php-fpm/www.sock: The path to the socket file where the PHP-FPM service listens.
Everything is ready. Save the file and exit. All that is left is to restart the Caddy service to apply the new configuration settings.
sudo systemctl restart caddyStep 6: Verify Caddy PHP and SSL Support
You have completed the installation of Caddy with PHP and SSL support on Rocky Linux 9 / AlmaLinux 9. So, letโs create a test PHP file to verify that PHP-FPM works and is successfully integrated with Caddy.
echo "<?php phpinfo(); ?>" | sudo tee /srv/www/caddy/index.phpCode language: HTML, XML (xml)Finally, you got to the most fun part of the process: enjoying the results of your effort. So, letโs load the domain address into a browser, in our case, โcaddy.tmplinux.com.โ
Good job! As you can see, a web page with complete information about PHP installation appears. Caddy has also automatically issued an SSL certificate for the domain, making communication to the website secure. But how safe is the combination of Caddy and the Letโs Encrypt certificate? Let’s check it at Qualys SSL Labs. Yes, the maximum possible score!
Finally, Iโd want to make a necessary clarification. Caddy cannot issue an SSL certificate if your server is behind a proxy service provided by Cloudflare, DigitalOcean, or similar services due to the specifics of how the traffic is proxied.
In other words, Caddy must be precompiled with some additional modules to use this feature. The procedure is simple, but because it is outside the scope of this article, it will be detailed in a separate one.
Conclusion
This guide showed you how to install the Caddy web server with PHP 8 and SSL support on Rocky Linux 9 or AlmaLinux 9, so PHP-based web apps can run on your server. The certbot tool is another option for obtaining a free Letโs Encrypt SSL certificate. Our how-to guide will show you how.
Caddy comes with strong SSL support embedded directly into its core. In addition, it automatically issues SSL certificates and securely configures the SSL setup. So, please check the projectโs website and documentation for additional in-depth information about Caddy.
Overall, Caddy is a reliable Nginx alternative. Installing it with PHP 8 support on Rocky or Alma and obtaining a Letโs Encrypt SSL certificate is simple and efficient, making it an excellent choice for those looking to set up a fast, secure, and reliable web server on their enterprise Linux system.
