How to Install Caddy Web Server on Ubuntu 24.04
In this tutorial, you’ll install Caddy on a Raff Ubuntu 24.04 VM, serve a static website, and verify automatic HTTPS in the browser.
Caddy is a modern web server that can serve websites and manage HTTPS certificates automatically. This tutorial installs Caddy from the official package repository, configures a simple static site, opens the required firewall ports, and verifies that HTTP redirects to HTTPS. Raff Technologies has supported 10,000+ VM deployments across its compute platform, and Raff Linux VMs can be provisioned in 60 seconds with NVMe storage and unmetered bandwidth.
This tutorial was tested on a Raff Ubuntu 24.04 VM. The browser verification used a domain pointed to the VM’s public IPv4 address.
Tested on Raff infrastructure by Aybars Altınyay, platform engineer at Raff Technologies.
Prerequisites:
- A Raff Ubuntu 24.04 VM
- SSH access with sudo privileges
- A domain or subdomain pointed to your VM’s public IPv4 address
- Ports
80/tcpand443/tcpavailable on the VM - Basic familiarity with Linux terminal commands
📌 Note: Caddy needs a real domain or subdomain for public automatic HTTPS. Replace
your-domain.comin this tutorial with your own domain.
Step 1 — Update system packages
Update the Ubuntu package index and install the required package tools:
sudo apt update sudo apt upgrade -y sudo apt install -y curl debian-keyring debian-archive-keyring apt-transport-https ufw
Verify that package upgrades are complete:
sudo apt list --upgradable
Expected output:
Listing... Done
Step 2 — Install Caddy from the official repository
Add the Caddy repository key:
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | \ sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
Add the Caddy stable repository:
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | \ sudo tee /etc/apt/sources.list.d/caddy-stable.list
Make the keyring and repository file readable by APT:
sudo chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg sudo chmod o+r /etc/apt/sources.list.d/caddy-stable.list
Install Caddy:
sudo apt update sudo apt install -y caddy
Verify the installed version and service status:
caddy version systemctl status caddy --no-pager
Expected output includes:
Active: active (running)
Step 3 — Configure UFW firewall rules
Allow SSH, HTTP, and HTTPS traffic:
sudo ufw allow 22/tcp sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw --force enable
Verify the firewall rules:
sudo ufw status numbered
Expected output includes:
22/tcp ALLOW IN 80/tcp ALLOW IN 443/tcp ALLOW IN
Step 4 — Point your domain to the Raff VM
Create an A record at your DNS provider:
Type: A Name: your-domain.com Value: your-server-ip TTL: Auto or 300
Replace your-server-ip with your Raff VM’s public IPv4 address.
Verify DNS from the VM:
dig +short your-domain.com
Expected output:
your-server-ip
If DNS does not return your VM IP yet, wait for propagation before continuing.
Step 5 — Create a static website directory
Create a directory for the website:
sudo mkdir -p /var/www/caddy-demo
Create a test page:
cat <<'EOF' | sudo tee /var/www/caddy-demo/index.html <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Hello from Caddy on Ubuntu 24.04</title> <style> body { font-family: system-ui, sans-serif; max-width: 760px; margin: 80px auto; padding: 0 24px; line-height: 1.6; } code { background: #f2f2f2; padding: 2px 6px; border-radius: 4px; } </style> </head> <body> <h1>Hello from Caddy on Ubuntu 24.04</h1> <p>This static website is served by Caddy on a Raff Ubuntu 24.04 VM.</p> <p>HTTPS is active and managed automatically by Caddy.</p> </body> </html> EOF
Set ownership for the Caddy service user:
sudo chown -R caddy:caddy /var/www/caddy-demo
Verify the file exists:
ls -l /var/www/caddy-demo/index.html
Expected output includes:
index.html
Step 6 — Configure the Caddyfile
Back up the default Caddyfile:
sudo cp /etc/caddy/Caddyfile /etc/caddy/Caddyfile.bak
Open the Caddyfile:
sudo nano /etc/caddy/Caddyfile
Replace the file contents with:
your-domain.com { root * /var/www/caddy-demo encode gzip file_server }
Replace your-domain.com with your real domain or subdomain.
Validate the configuration:
sudo caddy validate --config /etc/caddy/Caddyfile
Expected output includes:
Valid configuration
Reload Caddy:
sudo systemctl reload caddy
Verify that Caddy is still active:
systemctl status caddy --no-pager
Expected output includes:
Active: active (running)
Step 7 — Verify the HTTPS static site
Open your site in the browser:
https://your-domain.com
The test page should load over HTTPS.

Verify HTTPS from the terminal:
curl -I https://your-domain.com
Expected output includes either:
HTTP/2 200
or:
HTTP/1.1 200 OK
Verify that HTTP redirects to HTTPS:
curl -I http://your-domain.com
Expected output includes:
308 Permanent Redirect
Step 8 — Verify Caddy end to end
Click the browser security icon next to the address bar and confirm that the connection is secure.

Verify the final service state from the VM:
systemctl is-active caddy sudo ss -lntp | grep -E ':80|:443' sudo caddy validate --config /etc/caddy/Caddyfile
Expected output includes:
active Valid configuration
End-to-end verification is complete when:
- Caddy is active under
systemd - Your domain points to the Raff VM
- The static website loads over HTTPS
- HTTP redirects to HTTPS
- The browser shows a secure connection
- Caddy listens on ports
80and443
Cleanup (Optional)
Use this section only when you want to remove Caddy, the demo website, TLS assets, repository files, and firewall rules from the VM.
⚠️ Warning: The following commands remove the Caddy site, local configuration, and Caddy-managed certificate data. Back up anything you need before proceeding.
Stop and disable Caddy:
sudo systemctl stop caddy sudo systemctl disable caddy
Remove the demo website:
sudo rm -rf /var/www/caddy-demo
Remove Caddy packages:
sudo apt remove --purge caddy -y sudo apt autoremove -y
Remove Caddy configuration, data, logs, repository file, and keyring:
sudo rm -rf /etc/caddy sudo rm -rf /var/lib/caddy sudo rm -rf /var/log/caddy sudo rm -f /etc/apt/sources.list.d/caddy-stable.list sudo rm -f /usr/share/keyrings/caddy-stable-archive-keyring.gpg
Remove public web firewall rules only if this VM no longer serves websites:
sudo ufw delete allow 80/tcp sudo ufw delete allow 443/tcp sudo ufw status numbered
Verify that Caddy is removed:
systemctl status caddy --no-pager
Expected output includes:
Unit caddy.service could not be found.
Troubleshooting
Caddy cannot issue an HTTPS certificate
Cause: DNS is not pointing to the VM, ports 80 and 443 are blocked, or another service is already using those ports.
Fix:
dig +short your-domain.com sudo ufw status numbered sudo ss -lntp | grep -E ':80|:443'
Expected checks:
dig returns your VM public IPv4 address 80/tcp is allowed 443/tcp is allowed Caddy is the service listening on ports 80 and 443
If another web server is using ports 80 or 443, stop it before reloading Caddy:
sudo systemctl stop nginx sudo systemctl stop apache2 sudo systemctl reload caddy
Only stop services that are installed and safe to stop on your VM.
The browser shows an insecure connection
Cause: You are using an IP address instead of a domain, DNS has not propagated, or certificate issuance has not completed.
Fix:
dig +short your-domain.com sudo journalctl -u caddy --no-pager -n 80 curl -I https://your-domain.com
Expected output from the HTTPS check includes:
200 OK
If DNS is correct and ports are open, wait one minute and refresh the browser.
Caddy fails to reload after editing the Caddyfile
Cause: The Caddyfile contains a syntax error.
Fix:
sudo caddy validate --config /etc/caddy/Caddyfile
Edit the Caddyfile:
sudo nano /etc/caddy/Caddyfile
Reload after validation succeeds:
sudo systemctl reload caddy
Expected output from validation:
Valid configuration
The site returns 404
Cause: The Caddyfile root path does not match the website directory, or index.html is missing.
Fix:
ls -l /var/www/caddy-demo sudo grep -n "root" /etc/caddy/Caddyfile
Expected output includes:
index.html root * /var/www/caddy-demo
Reload Caddy after fixing the path:
sudo systemctl reload caddy
The site returns 403
Cause: Caddy cannot read the website files.
Fix:
sudo chown -R caddy:caddy /var/www/caddy-demo sudo chmod -R 755 /var/www/caddy-demo sudo systemctl reload caddy
Verify again:
curl -I https://your-domain.com
Expected output includes:
200 OK
Conclusion and next steps
You now have Caddy installed on a Raff Ubuntu 24.04 VM, serving a static website over automatically managed HTTPS. You also verified the browser security state, HTTP-to-HTTPS redirect behavior, and the active Caddy service. If you have not deployed your Raff VM yet, you can spin one up in 60 seconds at rafftechnologies.com.
Next: How to Set Up Caddy as a Reverse Proxy on Ubuntu 24.04
Related: How to Secure Your Ubuntu 24.04 Server
