Installing Caddy and PHP 8 on Rocky Linux 9 / AlmaLinux 9

Installing Caddy and PHP 8 on Rocky Linux 9 / AlmaLinux 9

This step-by-step guide shows how to install the Caddy web server with PHP 8 support on Rocky Linux 9 / AlmaLinux 9 and obtain a free SSL certificate.

Caddy is a free, security-focused, HTTP/2-enabled web server written in Go, designed to be simple, efficient, and portable. It offers modern capabilities such as virtual host support, reverses proxy functionality, and so on. Furthermore, Caddy is the first web server to automatically obtain and renew SSL/TLS certificates using Let’s Encrypt.

Caddy’s popularity has skyrocketed in the last few years due to its ease of use, speed, and native SSL support. So, it is quickly becoming the web server of choice for many developers and system administrators.

If you’re new to Caddy setup and management, this process can seem daunting, but don’t worry – we’ve made it easy for you. By following the steps in this guide, you’ll be able to quickly and easily get your Caddy server up and running with PHP 8 support on Rocky Linux 9 or AlmaLinux 9 to make setting up your website a breeze. So, let’s get to work.

Prerequisites

You’ll need access to a Rocky Linux 9 or AlmaLinux 9 server to complete this guide. In addition, all commands shown are run by a regular user with sudo execution permissions. Therefore, you should own one.

Of course, you can skip the sudo portion of the commands and run them directly as a root user. The result will be the same in both cases.

Additionally, if you use a firewall on the server, make sure it does not block ports 80 and 443.

sudo firewall-cmd --permanent --add-service={http,https}
sudo firewall-cmd --reload
Enable ports 80 and 443 to the server using firewalld.
Enable ports 80 and 443 to the server using firewalld.

If you are concerned about dealing with firewalld, our comprehensive guide will come in handy.

Step 1: Enable COPR Repository

The Caddy web server is unavailable in the default Rocky or Alma repositories. However, it can be installed via the COPR (Cool Other Package Repo) repository. So, let’s add it first.

sudo dnf install 'dnf-command(copr)'
Install the COPR repository.
Install the COPR repository on Rocky Linux 9 / AlmaLinux 9.

Then enable it by answering “Y” after executing the following command:

sudo dnf copr enable @caddy/caddy
Enable the CORP repository.
Enable the COPR repository.

Step 2: Install Caddy Web Server on Rocky Linux 9 / AlmaLinux 9

Install the Caddy web server:

sudo dnf install caddy
Install Caddy Web Server on Rocky Linux 9 / AlmaLinux 9.
Install Caddy Web Server on Rocky Linux 9 / AlmaLinux 9.

You will be prompted to accept the COPR repository GPG key during installation. Answer “Y” and hit “Enter.”

Accept COPR's repository GPG key.
Accept COPR’s repository GPG key.

Step 3: Enable and Start Caddy’s Service

Once the Caddy is installed, enable auto-start and start the service.

sudo systemctl enable caddy
sudo systemctl start caddy

You can check the status of the Caddy service by running the following:

sudo systemctl status caddy

The result should be as shown below.

Check the Caddy service status.
Check the Caddy service status.

Now, point your browser to the domain Caddy will serve, and Caddy’s default web page will welcome you. We’ll use the temporarily created subdomain “caddy.tmplinux.com” for this guide. Of course, replace it with the one for your case.

You will be greeted by the Caddy web server’s default page.

Caddy web server's default page.
Caddy web server’s default page.

As you can see, Caddy is up and running and working as expected. In the following steps, we will add PHP support, create a virtual host for our domain, and automatically obtain a free SSL Let’s Encrypt certificate.

Step 4: Install PHP 8 on Rocky Linux 9 / AlmaLinux 9

To add PHP support to the Caddy web server, you must install and use PHP-FPM to execute PHP files. So, to install it alongside several most widely used PHP modules, type the command below, and when prompted, enter “Y” to confirm.

sudo dnf install php-fpm php-mysqlnd php-gd php-cli php-curl php-mbstring php-bcmath php-zip php-opcache php-xml php-json php-intl
Install PHP 8 on Rocky Linux 9 / AlmaLinux 9.
Install PHP 8 on Rocky Linux 9 / AlmaLinux 9.

Then, open the “/etc/php-fpm.d/www.conf” file:

sudo vim /etc/php-fpm.d/www.conf

Find and change the following three lines from that:

user = apache
group = apache
listen.acl_users = apache,nginx

To this:

user = caddy
group = caddy
listen.acl_users = apache,nginx,caddy

The final result should look like this:

Change the PHP-FPM configuration file.
Change the PHP-FPM configuration file.
Change the PHP-FPM configuration file.
Change the PHP-FPM configuration file.

Finally, save and exit the file, then enable the PHP-FPM service to start on the system boot and start it:

sudo systemctl enable php-fpm
sudo systemctl start php-fpm

Step 5: Configure Caddy to Use PHP and SSL

Before proceeding, create the directory in which your website files will be housed. In other words, the one you’ll point Caddy to for your website’s root directory. For example, “/srv/www/caddy.”

sudo mkdir -p /srv/www/caddy

If you’re using SELinux, you need to change the file security context for this directory.

sudo chcon -t httpd_sys_content_t /srv/www/caddy -R
sudo chcon -t httpd_sys_rw_content_t /srv/www/caddy -R

We’ve reached the most enjoyable portion of the process, where the Caddy web server shines in all its glory – the configuration. System administrators who are used to the complexities of Apache or Nginx configurations will be fascinated. In addition, the ease with which you can set up Caddy with PHP support and automatic SSL certificate issuance on your Rocky Linux 9 or AlmaLinux 9 system is remarkable.

Open the Caddy configuration file, “Caddyfile,” using your preferred text editor, remove all lines and add the following ones. Don’t be worried if you need help understanding what they’re for. I’ll explain in more detail below.

sudo vim /etc/caddy/Caddyfile
caddy.tmplinux.com {
        root * /srv/www/caddy
        tls [email protected]
        encode gzip zstd
        php_fastcgi unix//run/php-fpm/www.sock
}

The final result should look like this:

Caddy with configured PHP 8 and SSL support on Rocky Linux 9 / AlmaLinux 9.
Caddy with configured PHP 8 and SSL support on Rocky Linux 9 / AlmaLinux 9.
  • caddy.tmplinux.com: The domain name that the Caddy web server will serve. Replace it with the one you use.
  • root * /srv/www/caddy: The full path to the root directory containing your website files.
  • tls [email protected]: Instructs Caddy to automatically issue a free Let’s Encrypt SSL certificate, and the e-mail address to which notifications intended for the owner will be sent is specified.
  • encode gzip zstd: Specifies the use of compression for fast performance.
  • php_fastcgi unix//run/php-fpm/www.sock: The path to the socket file where the PHP-FPM service listens.

Everything is ready. Save the file and exit. All that is left is to restart the Caddy service to apply the new configuration settings.

sudo systemctl restart caddy

Step 6: Verify Caddy PHP and SSL Support

You have completed the installation of Caddy with PHP and SSL support on Rocky Linux 9 / AlmaLinux 9. So, let’s create a test PHP file to verify that PHP-FPM works and is successfully integrated with Caddy.

echo "<?php phpinfo(); ?>" | sudo tee /srv/www/caddy/index.php

Finally, you got to the most fun part of the process: enjoying the results of your effort. So, let’s load the domain address into a browser, in our case, “caddy.tmplinux.com.”

Caddy with PHP 8 and SSL support running on Rocky Linux 9 / Alma Linux 9.
Caddy with PHP 8 and SSL support running on Rocky Linux 9 / Alma Linux 9.

Good job! As you can see, a web page with complete information about PHP installation appears. Caddy has also automatically issued an SSL certificate for the domain, making communication to the website secure. But how safe is the combination of Caddy and the Let’s Encrypt certificate? Let’s check it at Qualys SSL Labs. Yes, the maximum possible score!

Verify Caddy’s security with Let’s Encrypt certificate at Qualys SSL Labs.
Verify Caddy’s security with Let’s Encrypt certificate at Qualys SSL Labs

Finally, I’d want to make a necessary clarification. Caddy cannot issue an SSL certificate if your server is behind a proxy service provided by Cloudflare, DigitalOcean, or similar services due to the specifics of how the traffic is proxied.

In other words, Caddy must be precompiled with some additional modules to use this feature. The procedure is simple, but because it is outside the scope of this article, it will be detailed in a separate one.

Conclusion

This guide showed you how to install the Caddy web server with PHP 8 and SSL support on Rocky Linux 9 or AlmaLinux 9, so PHP-based web apps can run on your server. The certbot tool is another option for obtaining a free Let’s Encrypt SSL certificate. Our how-to guide will show you how.

Caddy comes with strong SSL support embedded directly into its core. In addition, it automatically issues SSL certificates and securely configures the SSL setup. So, please check the project’s website and documentation for additional in-depth information about Caddy.

Overall, Caddy is a reliable Nginx alternative. Installing it with PHP 8 support on Rocky or Alma and obtaining a Let’s Encrypt SSL certificate is simple and efficient, making it an excellent choice for those looking to set up a fast, secure, and reliable web server on their enterprise Linux system.

Bobby Borisov
Bobby Borisov

Bobby is an Editor-in-Chief at Linuxiac. He is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, Bobby has worked as a Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Leave a Reply

Your email address will not be published. Required fields are marked *