Wikipedia

Caddy (web server): Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Doesn't contribute actively to the article's goal, too technical for most and serves more as a product advertisement than as an explanation of what Caddy is.
Begin rewriting to have a unified History section instead of junk sections.
Tags: Reverted Visual edit
Line 21:
| website = {{Official URL}}
}}
The '''Caddy [[web server]]''' is an [[Extensibility|extensible]],<ref>{{Cite web|last=|first=|title=Extending Caddy - Caddy Documentation|url=https://caddyserver.com/docs/extending-caddy|url-status=live|access-date=2021-09-27|website=caddyserver.com|archive-url=https://web.archive.org/web/20200506180313/https://caddyserver.com/docs/extending-caddy |archive-date=2020-05-06 }}</ref> [[Cross-platform software|cross-platform]],<ref name=":0">{{Cite web|last=|first=|title=Build from source - Caddy Documentation|url=https://caddyserver.com/docs/build#cross-platform|url-status=live|access-date=2021-09-27|website=caddyserver.com|archive-url=https://web.archive.org/web/20200529135850/https://caddyserver.com/docs/build |archive-date=2020-05-29 }}</ref> [[Open-source software|open-source]]<ref>{{Citation|title=LICENSE|date=2021-09-27|url=https://github.com/caddyserver/caddy/blob/059fc32f002d00e980b438b3edbdf7b8bcdf9a90/LICENSE|publisher=caddyserver/caddy on GitHub|access-date=2021-09-27}}</ref> [[web server]] written in [[Go (programming language)|Go]].<ref>{{Cite web|title=Go 1.6 is released - go.dev|url=https://go.dev/blog/go1.6|access-date=2021-09-27|website=go.dev}}</ref>
 
The name "Caddy" refers both to a helper for tedious tasks, and a way to organize multiple parts into a simplified system.<ref name=":1">{{Citation|title=README.md|date=2021-09-27|url=https://github.com/caddyserver/caddy/blob/059fc32f002d00e980b438b3edbdf7b8bcdf9a90/README.md|publisher=caddyserver/caddy on GitHub|access-date=2021-09-27}}</ref> At its core, Caddy is an extensible [[Computing platform|platform]] for deploying long-running services ("apps") using a single, unified configuration that can be updated on-line with a [[Representational state transfer|REST]] [[API]].<ref>{{Cite web|last=|first=|title=Welcome - Caddy Documentation|url=https://caddyserver.com/docs/|url-status=live|access-date=2021-09-27|website=caddyserver.com|archive-url=https://web.archive.org/web/20150502021831/http://caddyserver.com:80/docs |archive-date=2015-05-02 }}</ref> Official Caddy distributions ship with a set of standard modules which include [[Hypertext Transfer Protocol|HTTP]] [[Server (computing)|server]], [[Transport Layer Security|TLS]] automation, and [[Public key infrastructure|PKI]] apps.<ref name=":2">{{Citation|title=imports.go|date=2021-09-27|url=https://github.com/caddyserver/caddy/blob/059fc32f002d00e980b438b3edbdf7b8bcdf9a90/modules/standard/imports.go|publisher=caddyserver/caddy on GitHub|access-date=2021-09-27}}</ref> It is best known for its automatic HTTPS features.<ref name=":8">{{Cite book|last=Woodbeck|first=Adam|url=https://www.worldcat.org/oclc/1198449668|title=Network programming with GO : code secure and reliable network services from Scratch|date=2021|isbn=978-1-7185-0088-4|location=San Francisco, CA|pages=217–239|oclc=1198449668}}</ref>
 
Matthew Holt initially began solo development on Caddy in 2014,<ref name=":1" /> followed by the first public release in 2015.<ref>{{Cite web|title=Release 0.5.0 · caddyserver/caddy|url=https://github.com/caddyserver/caddy/releases/tag/v0.5.0|access-date=2021-09-27|website=GitHub|language=en}}</ref> The software soon became a public collaboration with hundreds of contributors on GitHub.<ref>{{Cite web|title=Contributors to caddyserver/caddy|url=https://github.com/caddyserver/caddy|access-date=2021-09-27|website=GitHub|language=en}}</ref> To satisfy requirements from a growing community with a variety of [[use case]]s, eventually Caddy was completely rewritten from scratch, and a version 2.0 was released on May 4, 2020.<ref>{{Cite web|title=Release v2.0.0 · caddyserver/caddy|url=https://github.com/caddyserver/caddy/releases/tag/v2.0.0|access-date=2021-09-27|website=GitHub|language=en}}</ref>
 
Caddy [[Binary file|binaries]] are officially distributed for [[Linux]], [[Microsoft Windows|Windows]], [[macOS]], [[Berkeley Software Distribution|BSD]], and other [[operating system]]s on a variety of [[Computer architecture|architectures]] including [[x86-64]], [[ARM architecture|ARM]], [[MIPS architecture|MIPS]], [[IBM System/390|S390X]], and [[Ppc64|PPC64]].<ref name=":3">{{Cite web|last=|first=|title=Download Caddy|url=https://caddyserver.com/download|url-status=live|access-date=2021-09-27|website=caddyserver.com|archive-url=https://web.archive.org/web/20150502021904/http://caddyserver.com:80/download |archive-date=2015-05-02 }}</ref> Official distributions of [[32-bit computing|32-bit]] binaries were discontinued, but Caddy can be [[Compiler|compiled]] from [[Source code|source]] for [[IA-32]] architectures.<ref>{{Cite web|last=|first=|title=Build from source - Caddy Documentation|url=https://caddyserver.com/docs/build|url-status=live|access-date=2021-09-27|website=caddyserver.com|archive-url=https://web.archive.org/web/20200529135850/https://caddyserver.com/docs/build |archive-date=2020-05-29 }}</ref> Packages for [[Debian]], [[CentOS]], [[Red Hat Enterprise Linux|RedHat]], and [[Arch Linux]] are also maintained,<ref>{{Cite web|last=|first=|title=Install - Caddy Documentation|url=https://caddyserver.com/docs/install|url-status=live|access-date=2021-09-27|website=caddyserver.com|archive-url=https://web.archive.org/web/20200506131709/https://caddyserver.com/docs/install |archive-date=2020-05-06 }}</ref> as well as an official [[Docker (software)|Docker]] image.<ref>{{Cite web|title=Caddy - Official Image|url=https://hub.docker.com/_/caddy|url-status=live|access-date=2021-09-27|website=Docker Hub|archive-url=https://web.archive.org/web/20200414071359/https://hub.docker.com/_/caddy |archive-date=2020-04-14 }}</ref>
Line 36 ⟶ 34:
When a configuration is received through its administration socket, Caddy decodes the configuration for all the specified modules, and starts running all the app modules.<ref name=":8" /> When the app modules are being provisioned, they themselves may load and provision modules that they use. For example, the HTTP server is an app module which uses HTTP handler modules to handle HTTP requests; these handlers might use yet other modules to implement their functionality, and so on.<ref>{{Citation|last=Holt|first=Matthew|title=The Engineering Challenges of long running go programs|date=2019-12-04|url=https://www.youtube.com/watch?v=EhJO8giOqQs|publisher=Forge Utah|language=en|access-date=2021-09-27}}</ref> All these modules are provisioned during the config load phase.<ref name=":4" />
 
Plugins are installed by statically compiling them directly into the Caddy binary.<ref name=":1" /><ref name=":8" /> Without plugins, Caddy's native configuration structure only has some basic options for administration and logging.<ref name=":6" /> All other functionality must be provided by app modules. Official Caddy distributions ship with dozens of standard modules;<ref name=":2" /> others can be added from the project's website,<ref name=":3" /> using the [https://github.com/caddyserver/xcaddy xcaddy command line tool], or by manually compiling a custom build.<ref name=":0" />
 
== Financial backing ==
Until 2016, Caddy operated completely by volunteer effort without any financial support, simply accepting occasional donations from the website.<ref>{{Cite web|date=2016-03-10|title=Download Caddy|url=https://caddyserver.com/download|access-date=2021-09-27|archive-url=https://web.archive.org/web/20160310104053/https://caddyserver.com/download|archive-date=2016-03-10}}</ref> As the community grew and demands on development time and infrastructure increased, it was determined that the project needed to be funded.<ref>{{Cite web|date=2017-09-18|title=Is Caddy Free?|url=https://caddyserver.com/blog/is-caddy-free|access-date=2021-09-27|archive-url=https://web.archive.org/web/20170918171820/https://caddyserver.com/blog/is-caddy-free|archive-date=2017-09-18}}</ref> Light Code Labs, LLC was formed to become the legal entity behind Caddy. With legal legitimacy, the first form of financial support came from a [[Mozilla]] Open Source Support (MOSS) program award in 2016.<ref>{{Cite web|title=Mozilla Awards $385,000 to Open Source Projects as part of MOSS "Mission Partners" Program {{!}} The Mozilla Blog|url=https://blog.mozilla.org/en/mozilla/mozilla-awards-385000-to-open-source-projects-as-part-of-moss-mission-partners-program/|access-date=2021-09-27|website=blog.mozilla.org|language=en-US}}</ref> This provided funding for 6 months of development work, and was crucial to Caddy's growth at that stage.<ref>{{Cite web|date=2018-11-23|title=Caddy's MOSS Experience|url=https://caddyserver.com/blog/caddy-moss-experience|access-date=2021-09-27|archive-url=https://web.archive.org/web/20181123151113/https://caddyserver.com/blog/caddy-moss-experience|archive-date=2018-11-23}}</ref>
 
Seeking longer-term sustainability, Light Code Labs soon offered two optional products for businesses and professionals: the Engineering Package and Sponsorship, which granted access to developer resources and publicity for customers.<ref>{{Cite web|date=2017-04-22|title=Introducing Options for Businesses|url=https://caddyserver.com/blog/options-for-businesses|access-date=2021-09-27|archive-url=https://web.archive.org/web/20170422123125/https://caddyserver.com/blog/options-for-businesses|archive-date=2017-04-22}}</ref> With only little success, it was decided that phasing out those products in favor of distributing official binaries intended for commercial use under a proprietary license could increase sustainability by requiring companies to pay for the right to use specially-offered, pre-compiled Caddy binaries that powered their business.<ref>{{Cite web|date=2018-11-23|title=Announcing Caddy Commercial Licenses|url=https://caddyserver.com/blog/accouncing-caddy-commercial-licenses|access-date=2021-09-27|archive-url=https://web.archive.org/web/20181123160838/https://caddyserver.com/blog/accouncing-caddy-commercial-licenses|archive-date=2018-11-23}}</ref> This would leave Caddy's source code under the [[Apache License|Apache license]] for anyone to use freely, while still being able to gain some financial backing from able companies as customers.
 
Although more sustainable, this approach was widely viewed with disdain, and was met with confusion and controversy over the next few years.<ref>{{Cite web|title=Caddy and the Importance of Licenses – Roberto Selbach|url=https://roberto.selbach.ca/caddy-and-the-importance-of-licenses/|access-date=2021-09-27|language=en-CA}}</ref><ref>{{Cite web|title=Caddy Proposal: Permanently change all proprietary licensing to open source {{!}} Hacker News|url=https://news.ycombinator.com/item?id=21154893|access-date=2021-09-27|website=news.ycombinator.com}}</ref><ref>{{Cite web|title=Sgt__Kabukiman on Twitter|url=https://twitter.com/sgt__kabukiman/status/908381615105200128|url-status=live|access-date=2021-09-27|website=Twitter|language=en|archive-url=https://web.archive.org/web/20210927214253/https://twitter.com/sgt__kabukiman/status/908381615105200128 |archive-date=2021-09-27 }}</ref> Product offerings were adjusted to clarify terms, gain the respect of the community, and better capture the commercial sector.<ref>{{Cite web|date=2017-10-09|title=Caddy 0.10.10 Released Along With New Pricing Structure|url=https://caddyserver.com/blog/caddy-0_10_10-and-pricing|access-date=2021-09-27|archive-url=https://web.archive.org/web/20171009230132/https://caddyserver.com/blog/caddy-0_10_10-and-pricing|archive-date=2017-10-09}}</ref> In 2019, Light Code Labs entered into a partnership with Ardan Studios to design and build an all-new version of Caddy which could be utilized more readily in enterprise environments: Caddy Enterprise.<ref>{{Cite web|date=2019-04-25|title=Announcing Caddy 1.0, Caddy 2, and Caddy Enterprise|url=https://caddyserver.com/blog/announcing-caddy-1_0-caddy-2-caddy-enterprise|access-date=2021-09-27|archive-url=https://web.archive.org/web/20190425132137/https://caddyserver.com/blog/announcing-caddy-1_0-caddy-2-caddy-enterprise|archive-date=2019-04-25}}</ref> However, on October 3, 2019, the two companies announced plans<ref>{{Cite web|title=Proposal: Permanently change all proprietary licensing to open source · Issue #2786 · caddyserver/caddy|url=https://github.com/caddyserver/caddy/issues/2786|access-date=2021-09-27|website=GitHub|language=en}}</ref> to instead revert all plans for commercial licenses, which included:
 
* reaffirming that Caddy will continue to be, and always has been, an Apache-licensed open source project,
* dropping all proprietary licensing and removing the business use case restrictions from official binaries,
* dropping plans for enterprise-only features,
* rebranding the new version of Caddy simply as Caddy 2,
* and eliminating all other existing business-only products, subscriptions, and services.
 
Ardan Studios would proceed to offer professional training, Caddy development, and enterprise support to businesses, and provided funding for full-time open source development of the Caddy project for almost one year.<ref>{{Cite web|title=Caddy Partnership With Light Code Labs|url=https://www.ardanlabs.com/blog/2019/07/caddy-partnership-light-code-labs.html|access-date=2021-09-27|website=www.ardanlabs.com}}</ref> Shortly before the initial release of Caddy 2, an agreement was signed by Light Code Labs and Ardan Studios for the Caddy project (along with [https://github.com/caddyserver/certmagic CertMagic], Caddy's core TLS automation library) to be acquired by API Layer, GmbH (later Stack Holdings, GmbH).<ref>{{Cite web|date=2020-09-10|title=Caddy and CertMagic have new ownership; no changes to licensing or development|url=https://caddy.community/t/caddy-and-certmagic-have-new-ownership-no-changes-to-licensing-or-development/9754|access-date=2021-09-27|website=Caddy Community|language=en}}</ref> The transfer of ownership was announced later that year in September 2020, along with a two-year development contract.<ref>{{Cite web|title=Caddy Server Acquired By Apilayer|url=https://www.ardanlabs.com/news/2020/08/caddy-server-is-acquired/|access-date=2021-09-27|website=www.ardanlabs.com}}</ref> This exchange did not alter the open source status or development cycle of the project.
 
As of 2021, necessary financial support for the Caddy project continues by [[Sponsor (commercial)|sponsorships]] through [[GitHub]] Sponsors, with ZeroSSL (a Stack Holdings company) being the primary, executive sponsor.<ref>{{Cite web|title=Sponsor @mholt on GitHub Sponsors|url=https://github.com/sponsors/mholt|access-date=2021-09-27|website=GitHub|language=en}}</ref>
 
== Influence ==
Caddy has been used as the basis for other software projects and commercial services, and its reach extends into academic research and industry discussion.
 
CoreDNS was created by Miek Gieben from a fork of Caddy v1 which was modified to serve DNS instead of HTTPS.<ref>{{Citation|title=Understanding CoreDNS in Kubernetes - John Belamaric, Google & Cricket Liu, Francois Tur, Infoblox|url=https://www.youtube.com/watch?v=qRiLmLACYSY|language=en|access-date=2021-09-27}}</ref> It leveraged Caddy's Caddyfile configuration format, plugin architecture, and use of the Go language.<ref>{{Cite book|last=Belamaric|first=John|url=https://www.worldcat.org/oclc/1119557722|title=Learning CoreDNS : configuring DNS for Cloud Native Environments|date=2019|others=Cricket Liu|isbn=9781492047964|edition=First|location=Sebastopol, CA|oclc=1119557722}}</ref>
 
[[Cloudflare]] implemented a [[Man-in-the-middle attack|machine-in-the-middle]] (MITM) detection service originally based on Caddy using its native MITM detection capabilities.<ref>{{Citation|title=TLS 1.3 in your web browser|date=2021-01-19|url=https://github.com/cloudflare/mitm.watch|publisher=Cloudflare|access-date=2021-09-27}}</ref><ref>{{Cite web|date=2019-03-18|title=Monsters in the Middleboxes: Introducing Two New Tools for Detecting HTTPS Interception|url=https://blog.cloudflare.com/monsters-in-the-middleboxes/|access-date=2021-09-27|website=The Cloudflare Blog|language=en}}</ref> The same company also used Caddy to serve an experimental TLS 1.3 implementation while participating in the formation of the final TLS 1.3 specification.<ref name="TwitterTLS1.3">{{ cite tweet | user = grittygrease | number = 705929028142673924 | date = 4 Mar 2016 | author = Nick Sullivan | title = It's built in Go using custom versions @rlbarnes's Mint and @mholt6's Caddy }}</ref><ref>{{Cite web|last=Sullivan|first=Nick|date=2017-12-26|title=Why TLS 1.3 isn't in browsers yet|url=https://blog.cloudflare.com/why-tls-1-3-isnt-in-browsers-yet/|url-status=live|access-date=2021-09-27|website=The Cloudflare Blog|language=en|archive-url=https://web.archive.org/web/20171226210134/https://blog.cloudflare.com/why-tls-1-3-isnt-in-browsers-yet/ |archive-date=2017-12-26 }}</ref>
 
[[Let's Encrypt]] considers Caddy's implementation of [[Automatic Certificate Management Environment|ACME]] to be the gold standard of ACME clients, and Caddy has become a model for similar software to follow.<ref>{{Citation|title=NYLUG Presents: Josh Aas - on - Let's Encrypt: A Free, Automated, and Open CA|url=https://www.youtube.com/watch?v=OE5UhQGg_Fo|language=en|access-date=2021-09-27}}</ref><ref name=":9" />
 
Caddy has participated in a number of academic papers and enabled various Internet research. It has been referenced in relation to:
 
* validating the feasibility of the ACME protocol in production servers,<ref name=":9" />
* Internet-scale deployment of [[QUIC]],<ref>{{Citation|last1=Rüth|first1=Jan|title=A First Look at QUIC in the Wild|date=2018|url=http://link.springer.com/10.1007/978-3-319-76481-8_19|work=Passive and Active Measurement|volume=10771|pages=255–268|editor-last=Beverly|editor-first=Robert|place=Cham|publisher=Springer International Publishing|doi=10.1007/978-3-319-76481-8_19|isbn=978-3-319-76480-1|access-date=2021-09-27|last2=Poese|first2=Ingmar|last3=Dietzel|first3=Christoph|last4=Hohlfeld|first4=Oliver|editor2-last=Smaragdakis|editor2-first=Georgios|editor3-last=Feldmann|editor3-first=Anja|arxiv=1801.05168|s2cid=3631501}}</ref>
* a test framework for cloud failover mechanisms,<ref>{{Cite journal|last=Vaněček|first=Štěpán|date=2016-03-02|title=Test framework for cloud failover mechanisms|url=https://dspace.cvut.cz/bitstream/handle/10467/66197/F8-BP-2016-Vanecek-Stepan-thesis.pdf?sequence=1&isAllowed=y|journal=Czech Technical University in Prague, Faculty of Information Technology Theses}}</ref>
* measuring the security harm of TLS cryptography shortcuts,<ref>{{Cite journal|last1=Springall|first1=Drew|last2=Durumeric|first2=Zakir|last3=Halderman|first3=J. Alex|date=2016-11-14|title=Measuring the Security Harm of TLS Crypto Shortcuts|journal=Proceedings of the 2016 Internet Measurement Conference|language=en|location=Santa Monica California USA|publisher=ACM|pages=33–47|doi=10.1145/2987443.2987480|isbn=978-1-4503-4526-2|doi-access=free}}</ref>
* advocating the case for secure-by-default TLS,<ref>{{Cite arXiv|last=Stanek|first=Martin|date=2017-08-24|title=Secure by default - the case of TLS|class=cs.CR|eprint=1708.07569}}</ref>
* and improving the usability of deploying HTTPS.<ref name=":7" />
 
==References==
{{Reflist}}
Retrieved from "https://en.wikipedia.org/wiki/Caddy_(web_server)"