Quic and HTTP3 by default
As of version 2.6, QUIC+HTTP3 is activated by default when running the Caddy server. The protocols can be tuned in the global options block:
{
servers :443 {
protocols h1 h2 h3
}
}
Auto TLS certificates
No more managing Let's encrypt certificates manually. Caddy does everything automatically from provisioning the certificates, to the renewing and revoking.
Built-in tooling
The Caddy binary comes with useful commands out of the box to do several tasks like:
- format the configuration file(caddyfile):
# format and save file in place
caddy fmt --overwrite
-
Validating the config file with
caddy validate -
Generate hash passwords to be used in things like basic authentication, etc:
caddy hash-password
Dynamic templating
Caddy has a templating system that offers primitives to do things like: dynamically importing HTML pages, markdown rendering, JSON parsing, time and etc
PHP and FastCGI
We can render PHP files by passing it to the FastCGI server with:
asite.com {
root * /var/www/a-site
php_fastcgi unix//run/php/php8.1-fpm.sock
file_server
}
Securing server/paths with basic auth
We can quickly add basic auth by generating the password has with caddy hash-password and then adding the config to the server block with:
asite.com {
# for /login path or we can remove the path and have it applied for everything
basicauth /login {
<username> <hashed-password>
}
handle {
reverse_proxy :8000
}
}
Reverse-proxying
Doing reverse proxy is as simple as:
a-site {
reverse_proxy :5031
}
Gotchas
- As far as I know, you can't define global headers, they need to be defined inside a server block