I had caddy working with multiple sites and I came back to caddy.service not started.
It seems caddy won’t start, failing with `acme: error presenting token: googlecloud: no matching domain found for domain` errors.
I double-checked that the environment vars and GCP JSON are correct, and they are. Here’s the log:
```
systemd[1]: Started Caddy HTTP/2 web server.
caddy[6813]: 2019/09/04 14:52:03 [INFO][FileStorage:/var/lib/caddy] Started certificate maintenance routine
caddy[6813]: Activating privacy features... 2019/09/04 14:52:04 [WARNING] Stapling OCSP: invalid: OCSP response for [munin.hostname.org] valid after certificate expiration (-24h51>
caddy[6813]: 2019/09/04 14:52:04 [WARNING] Stapling OCSP: invalid: OCSP response for [munin.hostname.org] valid after certificate expiration (-24h51m18s)
caddy[6813]: 2019/09/04 14:52:04 [WARNING] Stapling OCSP: invalid: OCSP response for [munin.hostname.org] valid after certificate expiration (-24h51m18s)
caddy[6813]: 2019/09/04 14:52:04 [WARNING] Stapling OCSP: invalid: OCSP response for [bom.hostname.org] valid after certificate expiration (-24h51m8s)
caddy[6813]: 2019/09/04 14:52:04 [WARNING] Stapling OCSP: invalid: OCSP response for [bom.hostname.org] valid after certificate expiration (-24h51m8s)
caddy[6813]: 2019/09/04 14:52:04 [WARNING] Stapling OCSP: invalid: OCSP response for [bom.hostname.org] valid after certificate expiration (-24h51m8s)
caddy[6813]: 2019/09/04 14:52:04 [WARNING] Stapling OCSP: invalid: OCSP response for [bom.hostname.org] valid after certificate expiration (-24h51m8s)
caddy[6813]: 2019/09/04 14:52:04 [INFO] Certificate for [munin.hostname.org] expires in 121h16m37.732350624s; attempting renewal
caddy[6813]: 2019/09/04 14:52:05 [INFO] [munin.hostname.org] acme: Trying renewal with 121 hours remaining
caddy[6813]: 2019/09/04 14:52:05 [INFO] [munin.hostname.org] acme: Obtaining bundled SAN certificate
caddy[6813]: 2019/09/04 14:52:06 [INFO] [munin.hostname.org] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/149986731
caddy[6813]: 2019/09/04 14:52:06 [INFO] [munin.hostname.org] acme: Could not find solver for: tls-alpn-01
caddy[6813]: 2019/09/04 14:52:06 [INFO] [munin.hostname.org] acme: Could not find solver for: http-01
caddy[6813]: 2019/09/04 14:52:06 [INFO] [munin.hostname.org] acme: use dns-01 solver
caddy[6813]: 2019/09/04 14:52:06 [INFO] [munin.hostname.org] acme: Preparing to solve DNS-01
caddy[6813]: 2019/09/04 14:52:08 [INFO] [munin.hostname.org] acme: Cleaning DNS-01 challenge
caddy[6813]: 2019/09/04 14:52:08 [WARN] [munin.hostname.org] acme: error cleaning up: googlecloud: no matching domain found for domain hostname.org.
caddy[6813]: 2019/09/04 14:52:08 [ERROR] Renewing [munin.hostname.org]: acme: Error -> One or more domains had a problem:
caddy[6813]: [munin.hostname.org] [munin.hostname.org] acme: error presenting token: googlecloud: no matching domain found for domain hostname.org.
caddy[6813]: ; trying again in 10s
caddy[6813]: 2019/09/04 14:52:18 [INFO] [munin.hostname.org] acme: Trying renewal with 121 hours remaining
caddy[6813]: 2019/09/04 14:52:18 [INFO] [munin.hostname.org] acme: Obtaining bundled SAN certificate
caddy[6813]: 2019/09/04 14:52:19 [INFO] [munin.hostname.org] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/149986731
caddy[6813]: 2019/09/04 14:52:19 [INFO] [munin.hostname.org] acme: Could not find solver for: tls-alpn-01
caddy[6813]: 2019/09/04 14:52:19 [INFO] [munin.hostname.org] acme: Could not find solver for: http-01
caddy[6813]: 2019/09/04 14:52:19 [INFO] [munin.hostname.org] acme: use dns-01 solver
caddy[6813]: 2019/09/04 14:52:19 [INFO] [munin.hostname.org] acme: Preparing to solve DNS-01
caddy[6813]: 2019/09/04 14:52:19 [INFO] [munin.hostname.org] acme: Cleaning DNS-01 challenge
caddy[6813]: 2019/09/04 14:52:19 [WARN] [munin.hostname.org] acme: error cleaning up: googlecloud: no matching domain found for domain hostname.org.
caddy[6813]: 2019/09/04 14:52:19 [ERROR] Renewing [munin.hostname.org]: acme: Error -> One or more domains had a problem:
caddy[6813]: [munin.hostname.org] [munin.hostname.org] acme: error presenting token: googlecloud: no matching domain found for domain hostname.org.
caddy[6813]: ; trying again in 10s
caddy[6813]: 2019/09/04 14:52:29 too many renewal attempts; last error: acme: Error -> One or more domains had a problem:
caddy[6813]: [munin.hostname.org] [munin.hostname.org] acme: error presenting token: googlecloud: no matching domain found for domain hostname.org.
systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: caddy.service: Failed with result 'exit-code'.
```
What am I missing here, did something change with DNS challenges recently?
A DNS zone doesn’t have a hostname, or a network interface, or a PTR record. What I meant was, is Google Cloud actually configured to respond authoritatively to DNS requests for your domain - is there actually an API object for your zone that the DNS provider plugin can manipulate to add records to, etc.?
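
The check the reply asks about, as an added example that is not part of the thread: given the managed zones visible in one project, find which zone (if any) could hold the DNS-01 TXT record for a name. The zone names, the `PROJECT_ID` placeholder and both sample listings are constructed, and the walk-up-the-labels matching is an assumption about how a zone is selected, not the plugin's own code.

```shell
# Input on stdin: one managed zone per line, "<zone name><TAB><dnsName>",
# the shape printed by (PROJECT_ID is a placeholder):
#   gcloud dns managed-zones list --project PROJECT_ID \
#       --format='value(name,dnsName)'

find_managed_zone() {
    # $1 = name being validated, e.g. munin.hostname.org
    # Prints the zone name and returns 0 if a zone's dnsName equals the name
    # or one of its parent domains; returns 1 if nothing matches.
    awk -F '\t' -v host="$1" '
        BEGIN { host = tolower(host); sub(/\.$/, "", host); host = host "." }
        { zones[tolower($2)] = $1 }
        END {
            cand = host
            while (cand != "") {
                if (cand in zones) { print zones[cand]; exit 0 }
                # drop the leftmost label and try the parent domain
                cand = substr(cand, index(cand, ".") + 1)
            }
            exit 1   # the situation behind "no matching domain found"
        }'
}

# Constructed listing: the project owns a zone for hostname.org.
constructed_listing_ok() {
    printf 'hostname-org\thostname.org.\n'
    printf 'internal\tcorp.example.\n'
}

# Constructed listing: credentials work, but this project has no such zone
# (wrong project, zone deleted, or DNS hosted elsewhere).
constructed_listing_missing() {
    printf 'internal\tcorp.example.\n'
}

for listing in constructed_listing_ok constructed_listing_missing; do
    if zone=$("$listing" | find_managed_zone munin.hostname.org); then
        echo "$listing: TXT record would go in managed zone '$zone'"
    else
        echo "$listing: no managed zone covers munin.hostname.org in this project"
    fi
done
```

A match only shows the API object exists; comparing the domain's delegated NS records (`dig NS hostname.org`) against that zone's name servers confirms Google Cloud is also the authoritative responder.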