For a recent project, I wanted to move to Caddy Server v2 and have support for wildcard domains. This required me to set up a DNS provider so that Let's Encrypt could validate that I own the domain and then issue a wildcard certificate.

Because the DNS plugins aren’t built into the main Caddy executable, you need to compile it with the plugins you want installed.

Here are the steps I used to compile and install Caddy.

1. Install Go

tar -C /usr/local -xzf go1.16.3.linux-amd64.tar.gz

# Add this to your .profile, .bashrc or .bash_profile
# then logout & login
export PATH=$PATH:/usr/local/go/bin

go version

2. Install xcaddy

xcaddy is a tool for building custom packages of Caddy.

sudo apt update && sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf '' | sudo apt-key add -
curl -1sLf '' | sudo tee /etc/apt/sources.list.d/caddy-xcaddy.list
sudo apt update && sudo apt install xcaddy

3. Build Caddy with the Cloudflare DNS Plugin

This will compile Caddy with the DNS plugin.

xcaddy build --with

4. Move the caddy executable

sudo mv caddy /usr/bin/

caddy version

5. Create a user

sudo groupadd --system caddy
sudo useradd --system \
    --gid caddy \
    --create-home \
    --home-dir /var/lib/caddy \
    --shell /usr/sbin/nologin \
    --comment "Caddy web server" \
    caddy

6. Create a systemd service

sudo nano /etc/systemd/system/caddy.service

Paste the following contents, editing as required:

# caddy.service
# For using Caddy with a config file.
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
# See for instructions.
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.


ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile


7. Create a Caddyfile

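Place a Caddyfile at /etc/caddy/Caddyfile with the DNS setting. This file holds the Cloudflare API token, so keep it readable only by root and the caddy user.

* {

  tls {
    dns cloudflare <API-token>
  }
}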

8. Start Caddy

sudo mkdir /etc/caddy/
sudo nano /etc/caddy/Caddyfile

sudo systemctl daemon-reload
sudo systemctl enable caddy
sudo systemctl start caddy

And that’s it!
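A preflight check for the setup above, as an added example that is not part of the original post: it confirms the custom build contains the Cloudflare DNS module and flags a Caddyfile that stores the API token inline while being readable by every local user. The function names and the `--run` switch are assumptions made for this sketch; `stat -c` is the GNU form found on Debian/Ubuntu.

```bash
#!/bin/sh
# Added example: preflight checks for a Caddy build that uses the Cloudflare
# DNS plugin. Function names and the --run switch are illustrative.

# Reads `caddy list-modules` output on stdin; succeeds if the Cloudflare
# DNS provider module was compiled into the binary.
has_cloudflare_module() {
    grep -Eq '^dns\.providers\.cloudflare([[:space:]]|$)'
}

# Prints one finding per line for the given Caddyfile.
# Returns 0 when clean, 1 when findings exist, 2 if the file cannot be read.
audit_caddyfile() {
    ac_file=$1
    ac_findings=0
    ac_mode=$(stat -c '%a' "$ac_file") || return 2   # GNU stat (Debian/Ubuntu)

    # A literal token follows "dns cloudflare" unless the value is a
    # {placeholder} such as {env.SOME_VARIABLE}.
    if grep -Eq '^[[:space:]]*dns[[:space:]]+cloudflare[[:space:]]+[^{[:space:]]' "$ac_file"; then
        echo "inline-token: API token is written directly in $ac_file"
        ac_findings=$((ac_findings + 1))

        # The last octal digit is the "other" permission set; bit 4 is read.
        ac_other=$((ac_mode % 10))
        if [ $((ac_other & 4)) -ne 0 ]; then
            echo "world-readable: mode $ac_mode lets any local user read the token"
            ac_findings=$((ac_findings + 1))
        fi
    fi
    [ "$ac_findings" -eq 0 ]
}

# Run against the live install only when asked to.
if [ "${1:-}" = "--run" ]; then
    caddy list-modules | has_cloudflare_module \
        || echo "missing-module: dns.providers.cloudflare is not in this build"
    audit_caddyfile /etc/caddy/Caddyfile
fi
```

If the audit reports `world-readable`, `sudo chown root:caddy /etc/caddy/Caddyfile && sudo chmod 640 /etc/caddy/Caddyfile` keeps the file readable by the service account only.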