1. Caddy version (caddy version):
v2.3.0 h1:fnrqJLa3G5vfxcxmOH/+kJOcunPLhSBnjgIvjXV/QTA=
2. How I run Caddy:
a. System environment:
Fedora 34, Docker version 20.10.6, build 370c289, Portainer 2.1.1, slothcroissant/caddy-cloudflaredns container.
b. Command:
Managing containers with Portainer.
c. Service/unit/compose file:
docker run -it --name caddy \
-p 80:80 \
-p 443:443 \
-v caddy_data:/data \
-v caddy_config:/config \
-v $PWD/Caddyfile:/etc/caddy/Caddyfile \
-e CLOUDFLARE_EMAIL=my email \
-e CLOUDFLARE_API_TOKEN=my token \
-e ACME_AGREE=true \
slothcroissant/caddy-cloudflaredns
Moved Caddyfile to /srv afterwards.
d. My complete Caddyfile or JSON config:
*.internal.{env.DOMAIN} {
tls email {
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
}
@server1 host server1.internal.{env.DOMAIN}
reverse_proxy @server1 IP:port
@server2 host server2.internal.{env.DOMAIN}
reverse_proxy @server2 IP:port
@pihole host pihole.internal.{env.DOMAIN}{
rewrite * /admin{uri}
}
reverse_proxy @pihole IP:port
}
3. The problem I’m having:
I’m trying to rewrite the domain for Pihole under a wildcard, which has worked well like this earlier:
pihole.internal.domain.com {
tls email {
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
}
encode gzip
rewrite * /admin{uri}
reverse_proxy IP:port
}
But when I try to get it working under the wildcard, I either get the error “run: adapting config using caddyfile: subject does not qualify for certificate: ‘@pihole’”, that blocks aren’t valid, or only Pihole works, nothing else. Everything else works if I remove the Pihole rewrites.
4. Error messages and/or full log output:
run: adapting config using caddyfile: subject does not qualify for certificate: ‘@pihole’
5. What I already tried:
I’ve tried:
@pihole host pihole.internal.{env.DOMAIN}{
rewrite * /admin{uri}
}
reverse_proxy @pihole IP:port
And:
@pihole host pihole.internal.{env.DOMAIN}
rewrite * /admin{uri}
reverse_proxy @pihole IP:port