// the find
caddyserver/caddy
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Caddy is a Go web server that handles TLS certificate management automatically — you point it at your domain and it figures out Let's Encrypt, renewal, OCSP stapling, and HTTP/2-3 without any configuration. It's aimed at developers and ops people who want a production-grade reverse proxy without the NGINX config archaeology.
The automatic HTTPS story is genuinely solid: CertMagic underneath handles multi-issuer fallback, cluster coordination, and OCSP stapling, so certificate-related outages that take down other servers don't take down Caddy. The JSON-over-API config model means you can reload config without restart and automate it programmatically — useful for platforms that generate server configs dynamically. The module architecture is clean: extending Caddy means implementing a Go interface and registering it, not patching C code or writing Lua. No runtime dependencies at all — single static binary, no libc requirement, which makes it straightforward to deploy anywhere Go can cross-compile to.
The Caddyfile is simple for the common cases but gets awkward fast when you need fine-grained control — you end up fighting the abstraction or falling back to raw JSON, which is verbose. The plugin ecosystem requires recompiling the binary with xcaddy, meaning you can't drop-in a plugin at runtime the way NGINX modules work with package managers. The admin API listens on localhost by default and has no authentication — fine for single-server setups, a footgun in anything more complex if you don't explicitly lock it down. Performance under very high concurrency is good but benchmarks against NGINX still show a gap for pure static file serving, which matters if that's your primary workload.