I've been using caddy as a web server and reverse proxy for a few years and am generally happy with it, though the process of installing it is never simple. As I write this, I am moving my web server/rprox to a new box, so I'm going to document it for the next time I do it. I'll probably be using caddy2 at that point, and none of this will be relevant.

====== Stuff Needed ======
 I keep a ~/caddyMess directory with: 
  * a caddy binary
  * [[caddy:caddy.service|caddy.service]]
  * an example [[caddy:Caddyfile|Caddyfile]]

This is enough to get started. I don't move certs or logs.

====== Go ======
  - Put the binary in /usr/local/bin/caddy <code>sudo cp caddy /usr/local/bin/caddy</code>
  - Let the binary bind privileged ports <code>sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy</code>
  - Set up the user, group, and directories <code>sudo groupadd -g 33 www-data
sudo useradd \
  -g www-data --no-user-group \
  --home-dir /var/www --no-create-home \
  --shell /usr/sbin/nologin \
  --system --uid 33 www-data

sudo mkdir /etc/caddy
sudo chown -R root:root /etc/caddy
sudo mkdir /etc/ssl/caddy
sudo chown -R root:www-data /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddy</code>
  - Install the service file <code>sudo cp caddy.service /etc/systemd/system/
sudo chown root:root /etc/systemd/system/caddy.service
sudo chmod 644 /etc/systemd/system/caddy.service
sudo systemctl daemon-reload</code>
  - Install the caddyfile (edit as needed obvs) <code>sudo cp Caddyfile /etc/caddy/Caddyfile</code>
  - Start and enable the service <code>sudo systemctl --now enable caddy ; sudo systemctl status caddy</code>