Howdy @MattVCA,
The user and group are only one half of the picture; the ownership. The other half is the actual permissions.
It’s also very much not a Caddy-specific thing but a POSIX operating system thing in general; looking around the forums here might not yield very much historical assistance other than some basic “fix-all” commands. Without knowing all the specific details of your webroot hierarchy and all its permissions, it’s difficult to suggest specific fixes to bring it into alignment with how you want it to function.
Can you tell me which official guide you followed? Our documentation has:
You can place your static site files in either
/var/www/htmlor/srv. Make sure thecaddyuser has permission to read the files.
—https://caddyserver.com/docs/running#using-the-service
But I don’t think it explicitly requires you chown -R caddy:caddy.
Usually with the above instruction we simply mean to add the caddy user to the group owner of the files/directories and then ensuring they’re all group-readable.
Since you’ve got PHP in the mix as well as Caddy, and you want both of them to be able to work with the files as well as the user, I’d propose that perhaps you want the user to have user ownership of the files, and you want a webserver group to have group ownership of the files, and for the files to all be user and group readable and writable.
I would recursively set the user ownership of the web root to myuser and the group ownership to www-data, which the caddy user should be a member of by default:
sudo chown -R myuser:www-data /webroot
Then I would ensure that both the user and the group have read-write permissions:
find /webroot -type d -exec chmod ug+rwx {} ;find /webroot -type f -exec chmod ug+rw {} ;
Then I personally might consider setting setgid on the directories, which has the side effect of helping to ensure that files created under these directories inherit group ownership of www-data:
find /webroot -type d -exec chmod g+s {} ;
Although, if your user copies in files from elsewhere that already has different ownership configured, it may be incumbent on them to chown -R :www-data /webroot on occasion to ensure the web server can access those copied-in files.