FreeBSD Init-Script for the Caddy Webserver

published on in category Caddy FreeBSD , Tags: caddy webserver freebsd

I have used Caddy for a while now on FreeBSD. But though it lacks a working init script, I decided to write one on my own. Here’s the result, description below:

Init script

UPDATE 2016/03/20: My FreeBSD init script has made it into the official Caddy repository:

Please take notice, that Caddy currently only runs as root user because it does not support privilege de-escalation yet, so you might wanna jail your webserver.

# PROVIDE: caddy
# REQUIRE: networking
# KEYWORD: shutdown

# Add the following lines to /etc/rc.conf to enable caddy:
# caddy_enable (bool):        Set to "NO" by default.
#                             Set it to "YES" to enable caddy
# caddy_cert_email (str):     Set to "" by default.
#                             Defines the SSL certificate issuer email. By providing an
#                             email address you automatically agree to's
#                             general terms and conditions
# caddy_bin_path (str):       Set to "/usr/local/bin/caddy" by default.
#                             Provides the path to the caddy server executable
# caddy_cpu (str):            Set to "99%" by default.
#                             Configures, how much CPU capacity caddy may gain
# caddy_config_path (str):    Set to "/usr/local/www/Caddyfile" by default.
#                             Defines the path for the configuration file caddy will load on boot
# caddy_run_user (str):       Set to "root" by default.
#                             Defines the user that caddy will run on

. /etc/rc.subr


load_rc_config $name
: ${caddy_enable:=no}
: ${caddy_cert_email=""}
: ${caddy_bin_path="/usr/local/bin/caddy"}
: ${caddy_cpu="99%"} # was a bug for me that caused a crash within jails
: ${caddy_config_path="/usr/local/www/Caddyfile"}
: ${caddy_run_user="root"}

if [ "$caddy_cert_email" = "" ]
    echo "rc variable \$caddy_cert_email is not set. Please provide a valid SSL certificate issuer email."
    exit 1


command="${caddy_bin_path} -log ${logfile} -cpu ${caddy_cpu} -conf ${caddy_config_path} -agree -email ${caddy_cert_email}"


caddy_start() {
    echo "Starting ${name}..."
    /usr/sbin/daemon -u ${caddy_run_user} -c -p ${pidfile} -f ${command}

caddy_status() {
    if [ -f ${pidfile} ]; then
      echo "${name} is running as $(cat $pidfile)."
      echo "${name} is not running."
      return 1

caddy_stop() {
    if [ ! -f ${pidfile} ]; then
      echo "${name} is not running."
      return 1

    echo -n "Stopping ${name}..."
    kill -KILL $(cat $pidfile) 2> /dev/null && echo "stopped"
    rm -f ${pidfile}

run_rc_command "$1"


It exposes multiple configuration variables, which may be set in /etc/rc.conf:

  • caddy_enable: As usual, must be set to YES in order for Caddy to start at boot time
  • caddy_cert_email: HTTPS certificate issuer email address ( - the init script automatically sets -agree so be sure you agree the terms of usage. This information is mandatory.
  • caddy_bin_path: The path to the caddy binary. Defaults to /usr/local/bin/caddy
  • caddy_cpu: Amount of CPU that Caddy might use. Default is 100% but I reset it to 99% because otherwise Caddy regularly killed my webserver jail
  • caddy_config_path: Path to the Caddyfile, defaults to /usr/local/www/Caddyfile


The following files are created:

  • /var/log/caddy.log: Caddy log file
  • /var/run/ Caddy pid file

The init script uses / as the working directory, so certificates go to /.caddy.


Do the following things as root:

  • Download Caddy from and copy the binary to /usr/local/bin/caddy
  • chmod +x it
  • Copy the init script from above to /usr/local/etc/rc.d/caddy and chmod +x it
  • run sysrc caddy_enable=YES
  • run sysrc cadddy_cert_email='youremailaddress'
  • Place a Caddyfile in /usr/local/www/ (docs:
  • run service caddy start