# Caddy webserver ``` # https://caddyserver.com/docs/install#fedora-redhat-centos # certificates - /var/lib/caddy/.local/share/caddy/certificates sudo yum install yum-plugin-copr -y sudo yum copr enable @caddy/caddy -y sudo yum install caddy -y sudo setcap 'cap_net_bind_service=+ep' /usr/bin/caddy sudo mkdir /etc/ssl/caddy sudo mkdir -p /var/log/caddy sudo chown -R caddy:caddy /var/log/caddy sudo chown -R root:caddy /etc/caddy sudo chown -R root:caddy /etc/ssl/caddy sudo chmod 0770 /etc/ssl/caddy # firewalld 80,443 sudo firewall-cmd --zone=public --permanent --add-port 80/tcp || true sudo firewall-cmd --zone=public --permanent --add-port 443/tcp || true sudo firewall-cmd --reload || true sudo systemctl restart fail2ban.service # Caddyfile bak sudo mv /etc/caddy/Caddyfile /etc/caddy/Caddyfile.bak # sudo vim /etc/caddy/Caddyfile sudo tee /etc/caddy/Caddyfile << EOF { acme_ca https://acme.zerossl.com/v2/DV90 email support@validatus.com admin off debug } heimdall.validatus.com encode zstd gzip reverse_proxy http://127.0.0.1:5601 log { format json level INFO output file /var/log/caddy/access.json { roll_size 10MB roll_keep 10 } } EOF # https://caddyserver.com/docs/getting-started sudo systemctl enable caddy sudo systemctl daemon-reload sudo systemctl restart caddy sudo systemctl status caddy --no-page -l ```