New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Caddy seems to be a new cool HTTP server
I just found this lightweight HTTP server called Caddy, with only ~3MB in size and low RAM usage (~2MB usage after startup here, idle, no PHP). I took a look at it's config file and it's really easy to set up stuff (including Virtual Hosts), no need for control panels anymore!
It also supports PHP via FastCGI, SSL and other cool stuff.
Have you tried it? What are your thoughts?
Comments
looks pretty nice, will give it a try, I was just looking at alternatives today as it happens.
Wow. Seems to be a nice alternative.
What does it do that lighttpd doesn't? lighttpd uses barely any RAM either and is easy to configure
Looks really nice!
Jetty is on my to-try list
How easy is it to add clean URL's, rate limiting, etc?
Because if it's not easier than nginx.. not really worth it.. (And nginx is pretty easy itself :P)
Edit: Caddy can pipe stdin and stdout from any program to WebSocket clients.
That's pretty cool actually, but not sure about the performance here.
This is it. I do admire lightweight-by-default apps though, looks promising. Might toy around with it when I get a few hours, thanks for sharing.
I saw some visitors coming from here, so I'll try to answer a few questions!
I'd argue that Caddy is even easier to configure than lighttpd. Caddy is targeting a non-programmer/sysadmin audience more than lighttpd.
Here's a few things Caddy can do that lighttpd can't:
We're also working on direct integration with Let's Encrypt which means free, automatic SSL certificates for your site without any trouble.
Clean URLs are one-liners:
ext .html .txtfor example. Rate limiting is on our to-do list. Would love some contributions on that front!If you know how to program, nginx isn't too hard to configure, but even for programmers, setting up nginx just right can be a half-day project. It's not uncommon for a Caddyfile to be 1/3 the length of an equivalent nginx.conf file.
It's not great - like CGI, but for websockets (inspired by websocketd). Still, if you have a program that only knows stdin/stdout, this is a good way to go. Caddy can also proxy websocket connections to a WS backend.
Let me know if you change your mind after trying it. If you still think it's not worth it, do tell me about your experience and we'll try to improve Caddy.
Hmm... will try to check what's smaller, OpenWRT uhttpd or this one?
My chief concern would be security issues. This project seems to be pretty new, it's obviously much less widely used and reviewed (and combed through for security holes) than Lighttpd or Nginx. Web server is the critical piece of software in this aspect, so it's not really the place where I would go for "new and cool" over reliable and well-tested.
Looks nice would try this on one of the dev vms, interested in trying git push feature
It doesn't memory leak on X-Sendfile and call it a feature.
You're not the only one with that concern. Please pentest Caddy mercilessly. The sooner we work out any obvious or serious vulnerabilities, the sooner Caddy will be ready to be taken seriously.
I know, for instance, that Caddy has yet to be fuzz-tested. I will do it eventually, if nobody beats me to it.
From the beginner guide it seems pretty easy to run this Caddy.
I will try this on my NAT LEB box for sure.
Thanks for let me know.
Time for some testing
I call the benchmarking gods 
to shed some light
Gave it a try, "500 Internal Server Error", trashed. But hey I'm no "developer" that's why
Sorry, but no form of rate-limiting is a no-go. Please make this a high priority thing on your todo list and do it smart, that's also a way to outclass lighttpd easily, as their implementation of rate-limiting is pretty bad.
Feel free to open an issue and we can take a look at what went wrong. Be sure to post your Caddyfile, the request URL, and the system you're running on.
I think we will step it up. Do you have any specific suggestions about rate limiting that you'd like to see? Or any methods in particular you think we should avoid? I'm listening.
There's a lot you could do, the nginx approach is already pretty good.
Possibility of defining different zones for rate-limiting, e.g. css files often trigger rate-limiting a lot more than other files so they'd need their own zone.
Add an option to ban IPs for a specified time after they exceed rate-limiting limits for x times.
Add a posibility to ban/unban rate-limited IPs via iptables and other firewalls automatically.
API implementation to automatically ban/unban IPs on popular CDN services like CloudFlare, Incapsula etc.
PHP is done via fastcgi in Caddy....
As opposed to what?
FPM support is crucial, FastCGI performance is sub-par.
tested before , But It's some kind of minimal.
No option for Load balancing.
Is there an alternative protocol to connect to PHP-FPM other than FastCGI? As stated on the PHP-FPM website,
Edit: see http://serverfault.com/questions/645755/differences-and-dis-advanages-between-fast-cgi-cgi-mod-php-suphp-php-fpm
FPM is not FastCGI per se, it is just based on it - In my experience the performance increases at around 15%
FastCGI is a protocol. PHP-FPM uses FastCGI for communication with the web server. If Caddy supports FastCGI, then you can set it up to work with PHP-FPM.
Unless you're saying that PHP-FPM offers an alternative protocol to FastCGI that is somehow faster than the default FastCGI interface that most people configure it to use.
Edit: see e.g. https://godoc.org/github.com/mholt/caddy/middleware/fastcgi which mentions that Caddy's FastCGI middleware is most commonly used for PHP-FPM.
Looks very promising. Will definitely give this a try soon.
No option for Load balancing.
Thanks for trying it out earlier. You should try it again. The proxy directive makes load balancing trivial, even as easy as one line in the Caddyfile. It supports health checks as well.
I should add that the community is excellent and has contributed a lot to the project (load balancing is one example). It wouldn't be possible without that help!
you can Caddy as Windows Service?
ofc! Use https://support.microsoft.com/en-us/kb/137890