Caddy
Caddy is an extensible, modular web server platform designed for high-performance traffic management and automated security. At its core, it functions as a dynamic HTTP gateway that handles request routing, static asset delivery, and reverse proxying through a chain of configurable handler modules. The system is built on a modular architecture that allows developers to extend server functionality by registering custom components, all managed through a unified lifecycle and provisioning framework.
What distinguishes Caddy is its focus on automated infrastructure and zero-downtime operations. It provides native, automated HTTPS management by handling the entire lifecycle of TLS certificates, including issuance and renewal via public or private certificate authorities. The server state is managed through a JSON-driven configuration schema: new configurations are validated in the background and swapped in atomically, enabling real-time updates to routing rules and server settings without interrupting active connections.
The platform offers a comprehensive suite of tools for observability and control, including a dedicated administrative API for managing server state and inspecting metrics. It supports complex traffic filtering through flexible request matching, allowing for granular control over how incoming traffic is processed. Developers can define server behavior using a declarative configuration syntax, which the system validates and converts into its native JSON format for deployment.
Features
- Automated HTTPS Management - Provisioning and renewing TLS certificates automatically for web services to ensure secure encrypted connections without manual intervention.
- Atomic Configuration Swappers - New configurations are validated and provisioned in the background before replacing the active server state to ensure zero-downtime updates.
- HTTP Server Directives - Caddy defines server behavior using directives that accept optional request matchers and subdirectives to filter and process incoming HTTP traffic based on specific criteria.
- Reverse Proxies - Caddy proxies incoming requests to a backend server, optionally using path matchers to route specific traffic while serving other requests as static files.
- Request Matchers - Caddy defines request matchers to limit the scope of directives by using wildcard, path, or named matcher tokens within the configuration file.
- Reverse Proxy Orchestrators - Routing incoming web traffic to backend services while handling load balancing, request modification, and protocol upgrades transparently.
- Automated Certificate Management - Caddy serves all sites over HTTPS automatically by managing certificate issuance, renewal, and HTTP-to-HTTPS redirection for both public domains and local hostnames.
- On-Demand TLS Issuance - Caddy obtains TLS certificates dynamically during the initial handshake for unknown or customer-provided domains without requiring pre-configuration of hostnames.
- Automatic HTTPS Proxies - A network gateway that manages the full lifecycle of TLS certificates by integrating directly with public and private certificate authorities.
- Server Module Managers - Caddy manages server modules by loading, running, and stopping components through a JSON interface that supports atomic, zero-downtime reloads and isolated module lifecycles.
- HTTP Listener Configurations - Caddy customizes HTTP server listener behavior, including custom names, connection timeouts, keepalive settings, proxy trust configurations, and protocol support for specific listener addresses.
- Modular Plugin Architectures - A core runtime that allows developers to extend server functionality by registering custom components with standardized lifecycle and provisioning methods.
- Extensible Web Servers - A modular server platform that handles HTTP traffic, manages TLS certificates automatically, and supports dynamic configuration through a JSON interface.
- Virtual Host Definitions - Caddy defines site addresses to specify hostnames, ports, and schemes, allowing the server to automatically manage certificates and route incoming requests based on host headers.
- Directive-Based Request Pipelines - Incoming HTTP requests traverse a chain of ordered handler modules that process, match, and transform traffic based on defined rules.
- TLS Handshake Orchestrators - The server intercepts incoming connections to dynamically provision certificates or select appropriate security policies during the TLS handshake process.
- TLS Configuration Management - Caddy manages automatic HTTPS certificate issuance, ACME account details, local certificate authority settings, and TLS handshake behavior like SNI defaults and protocol versions.
- Extensible Server Architectures - Building custom server functionality through a modular plugin system that allows developers to inject logic into the request lifecycle.
- Dynamic Configuration APIs - Updating server settings and routing rules in real-time through an API without interrupting active connections or restarting processes.
- JSON-Driven Configuration Schemas - The entire server state is represented as a hierarchical JSON document that defines all modules, routes, and global settings.
- Dynamic Configuration Engines - A control plane that processes and validates server settings in real-time to enable zero-downtime updates and atomic configuration reloads.
- Server Site Blocks - Caddy defines site blocks to configure web servers, using curly braces for multiple sites or optional braces for single-site configurations to manage server settings.
- Admin API Control Planes - A dedicated internal HTTP interface provides secure, authenticated access to manage server state, inspect metrics, and trigger runtime operations.
- Static File Servers - Caddy launches a production-ready static file server with support for directory browsing, template rendering, access logging, and automatic compression of served files.
- Structured Logging - Caddy emits structured log messages from core or plugin code by providing a log level, a message, and strongly-typed fields for efficient, low-overhead diagnostic data collection.
- Guest Module Loaders - Caddy loads and initializes guest modules within a host module by defining raw JSON fields and using context methods to provision and store the resulting module instances.
- Module Registration Interfaces - Caddy allows developers to register custom modules that follow a standardized lifecycle of loading, provisioning, and cleanup to integrate seamlessly with the core server process.
- Certificate Storage Backends - Caddy configures persistent storage backends to share certificates and coordinate management across multiple server instances in a cluster.
- ACME Validation Strategies - Caddy validates domain ownership using HTTP, TLS-ALPN, or DNS challenges to obtain publicly-trusted TLS certificates from ACME-compliant certificate authorities.
- Single Page Application Hosting - Caddy hosts single-page applications by rewriting requests for non-existent files to a central index file, allowing client-side routing to manage the application state.
- Static Asset Serving - Deploying high-performance web servers optimized for delivering static files, directory listings, and compressed content to end users.
- Global Server Settings - Caddy configures global server behavior including debug logging, network port assignments, default bind addresses, directive execution order, storage backends, and administrative API settings.
- Interface-Based Module Registries - Modules implement specific Go interfaces to allow the core system to dynamically load, provision, and manage their lifecycles.
- Certificate Authorities - Caddy defines internal certificate authority parameters, including common names, certificate lifetimes, and maintenance intervals for local HTTPS and ACME server features.
- Global Configuration Options - Caddy sets global configuration options that apply to the entire server instance by defining a special block at the beginning of the configuration file.
- Observability-First Runtimes - A production-ready server environment that provides structured logging, performance profiling, and metrics endpoints for monitoring and diagnostic analysis.
- Module Lifecycle Management - Caddy manages the lifecycle of custom modules by implementing provisioning, validation, and cleanup methods that execute automatically when modules are loaded or discarded by the system.
- Expression-Based Matchers - Caddy evaluates custom boolean logic for request matching using the Common Expression Language to combine multiple criteria flexibly.
- Host Header Matchers - Caddy matches requests based on the Host header field, useful for applying specific logic within site blocks that handle multiple hostnames.
- Directive Execution Orderers - Caddy controls the execution sequence of HTTP handlers by relying on a hard-coded default order or by explicitly overriding the evaluation priority for specific directives.
- Dynamic Configuration Placeholders - Caddy injects dynamic values into configuration arguments using placeholders, which are expanded at runtime based on the request context or specific module data.
- Reusable Configuration Blocks - Caddy defines reusable route blocks to share complex configurations across multiple sites, reducing memory usage and simplifying maintenance for repeated server logic.
- Metrics Collectors - Caddy enables metrics collection for the server to observe request patterns, with options for per-host granularity and automatic discovery of unconfigured hosts.
- Runtime Performance Profilers - Caddy exposes runtime performance profiles, including heap, CPU, and goroutine data, through the admin interface to help diagnose memory leaks, contention, and performance bottlenecks.
- Local Certificate Authorities - Caddy generates and manages local certificate authorities to provide trusted HTTPS for internal hostnames and IP addresses that do not qualify for public certificates.
- Filesystem Request Matchers - Caddy matches requests based on the existence, size, or modification time of files on disk, with support for custom root directories and fallback policies.
- Query Parameter Matchers - Caddy matches requests based on specific query string parameters, supporting exact key matching, wildcard values, and multiple values per key.
- Event-Driven Lifecycle Managers - System components communicate through a centralized event bus that triggers automated actions like certificate renewal or configuration reloads.