HomeCatalog⚙️ DevOps & InfrastructureCaddy
Screenshot of Caddy website

// screenshot of caddyserver.com ↗

DEVOPS & INFRASTRUCTURE · FREE TIER

Caddyfree

Caddy is a modern HTTP/2 + HTTP/3 web server with automatic HTTPS — Let's Encrypt certificate provisioning + renewal built-in, no manual setup. Simple Caddyfile config (vs nginx's terse syntax), Go-based single binary. Designed for the "set and forget" web server experience.

Install via WHMCS → Visit caddyserver.com ↗
⚙️ DevOps & Infrastructure Min 128 MB RAM Port 80 (http) Tier free
// What it is

A closer look.

Caddy is a modern HTTP/2 + HTTP/3 web server with automatic HTTPS — Let's Encrypt certificate provisioning + renewal built-in, no manual setup. Simple Caddyfile config (vs nginx's terse syntax), Go-based single binary. Designed for the "set and forget" web server experience.

For developers who don't want to maintain certbot cron jobs or fight with nginx config files, Caddy is the answer.

// Use cases

What it's for.

Concrete scenarios where teams pick Caddy over the SaaS alternative.

Reverse proxy

front-load app servers with auto-SSL

Static site hosting

serve docs sites, marketing pages, SPAs

HTTPS automation

Let's Encrypt + ZeroSSL with zero config

HTTP/3 + QUIC

modern protocol support out of the box

Multi-domain hosting

Caddyfile vhost-style configs

// Who it's for

Built for these teams.

If your team profile matches one of these, Caddy is a strong fit out of the box.

Profile A

Developers

preferring simple config over nginx complexity

Profile B

Indie projects

hosting their own sites without certbot wrangling

Profile C

Internal tools

needing reverse proxy with auto-SSL

Profile D

DevOps teams

managing dozens of subdomains without per-cert hassle

Profile E

Privacy-conscious self-hosters

wanting HTTPS-everywhere by default

// Differentiators

Why teams pick Caddy.

When evaluating self-hosted options for this category, here are the dimensions on which Caddy consistently lands above the alternatives.

  • Auto HTTPS — built-in ACME client; renewals handled automatically
  • Apache 2.0 — fully open, commercial use unrestricted
  • Simple config — Caddyfile is readable; nginx requires expertise
  • Single binary — no module dependency hell
  • HTTP/3 native — QUIC support out of the box
  • JSON config API — programmatic configuration via REST
// Integrations

Connects to.

The stack you'll plug Caddy into — services, protocols, and adjacent apps in the BluixApps catalog.

ACME providers
Let's Encrypt, ZeroSSL, custom CA
DNS providers
DNS-01 challenge for wildcard certs (Cloudflare, Route 53, custom)
Backends
proxy to any HTTP service; load balance between multiples
Authentication
built-in basic auth, JWT validation, integration with Authelia
Logging
JSON-structured logs, OpenTelemetry tracing
Config sources
Caddyfile, JSON API, environment variables
Plugins
Go-based plugin system for extensions
// Adoption & deployment

Notable users & community

  • 60k+ GitHub stars
  • Used by Stripe (some internal tools), many SaaS startups, indie devs
  • Active forum, frequent releases
  • Backed by ZeroSSL and community; commercial enterprise offering
  • Strong reputation in self-hosting circles

What we ship

  • Docker compose: Caddy + persistent ACME storage
  • Pinned caddy:2.8 (release-tagged)
  • HTTPS via Let's Encrypt automatic on first request
  • Caddyfile pre-configured for reverse proxy pattern
  • Optional DNS-01 challenge via env config
  • Persistent volume for ACME certs + JSON config
  • Backup hook covers /data/caddy (cert storage)
// Tips & operations

Run it properly.

Operational guidance from running this in production — what to do before you scale, what to lock down, what surprises people.

// PERFORMANCE
Use Caddyfile for simple, JSON for programmatic
start with Caddyfile, switch to JSON if dynamic
// SECURITY
DNS-01 for wildcards
HTTP-01 doesn't support wildcard certs; need DNS provider creds
// OPERATIONS
Mount persistent ACME storage
/data/caddy holds certs + keys; mount volume so renewals persist
// RELIABILITY
Rate-limit ACME
Let's Encrypt has rate limits per domain; test in staging first
// DEPLOYMENT
Health checks for backends
health_uri directive avoids forwarding to unhealthy upstreams
// SCALING
Reload config without downtime
caddy reload graceful reload; faster than nginx -s reload
128
// min ram (MB)
1
// min disk (GB)
80
// access port
http
// protocol
free
// bluixapps tier
see install script
// docker image

Project resources

Official sitecaddyserver.com ↗
// Alternatives in DevOps & Infrastructure

Compare with

DevOps & Infrastructure
Appsmith
Open page →
DevOps & Infrastructure
Budibase
Open page →
DevOps & Infrastructure
Cachet
Open page →