DEV Community

Alex Spinov
Alex Spinov

Posted on

Caddy Has a Free API: The Web Server With Automatic HTTPS

#caddy #webserver #https #devops

Nginx needs 15 lines of config for HTTPS. Caddy needs 2. And it handles certificate renewal automatically.

What Is Caddy?

Caddy is a modern web server with automatic HTTPS. It obtains and renews TLS certificates from Let's Encrypt without any configuration.

# Caddyfile — that's the ENTIRE config
mysite.com {
    reverse_proxy localhost:3000
}
Enter fullscreen mode Exit fullscreen mode 
caddy run
# HTTPS certificate obtained and configured automatically
Enter fullscreen mode Exit fullscreen mode

Reverse Proxy 

# Multiple backends
api.example.com {
    reverse_proxy localhost:8080
}

app.example.com {
    reverse_proxy localhost:3000
}

# Load balancing
api.example.com {
    reverse_proxy localhost:8080 localhost:8081 localhost:8082 {
        lb_policy round_robin
        health_uri /health
        health_interval 10s
    }
}
Enter fullscreen mode Exit fullscreen mode

Static Files + SPA 

mysite.com {
    root * /var/www/html
    file_server
    try_files {path} /index.html  # SPA fallback
    encode gzip
}
Enter fullscreen mode Exit fullscreen mode

The Admin API

Caddy has a REST API for dynamic configuration:

# Get current config
curl localhost:2019/config/

# Add a route dynamically
curl -X POST localhost:2019/config/apps/http/servers/srv0/routes \
  -H "Content-Type: application/json" \
  -d '{"match": [{"host": ["new.example.com"]}], "handle": [{"handler": "reverse_proxy", "upstreams": [{"dial": "localhost:9000"}]}]}'

# Reload config without downtime
curl -X POST localhost:2019/load \
  -H "Content-Type: application/json" \
  -d @caddy.json
Enter fullscreen mode Exit fullscreen mode

Caddy vs Nginx

Feature Nginx Caddy
HTTPS Manual (certbot) Automatic
Config Complex Simple
Reload nginx -s reload API or auto
HTTP/3 Extra module Built-in
Go plugins N/A Built-in support
Memory Lower Slightly higher

Why Caddy

  • Automatic HTTPS — zero-config TLS with Let's Encrypt
  • Simple config — Caddyfile is human-readable
  • Admin API — dynamic config changes without restart
  • HTTP/3 — built-in QUIC support
  • Single binary — one file, no dependencies
  • Extensible — write plugins in Go 
caddy reverse-proxy --from mysite.com --to localhost:3000
# One command. HTTPS. Done.
Enter fullscreen mode Exit fullscreen mode

Building web infrastructure? Check out my developer tools or email spinov001@gmail.com.

Top comments (0)