1. My Caddy version (caddy version):
caddy-gen (GitHub - wemake-services/caddy-gen: Automated Caddy reverse proxy for docker containers)
2. How I run Caddy:
I'm running Caddy as a reverse proxy for a Directus setup.
a. System environment:
Debian 9 with Docker
b. Command:
```yaml
version: "3"
networks:
  directus:
services:
  caddy-gen:
    container_name: caddy-gen
    image: "wemakeservices/caddy-gen:latest"
    restart: always
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro # needs socket to read events
      - ./certs/acme:/etc/caddy/acme # to save acme
      - ./certs/ocsp:/etc/caddy/ocsp # to save certificates
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - directus
    networks:
      - directus
  mysql:
    image: mysql:5.7
    environment:
      MYSQL_DATABASE: "directus"
      MYSQL_USER: "sqluser"
      MYSQL_PASSWORD: "sqlpw"
      MYSQL_ROOT_PASSWORD: "sqlrootpw"
    ports:
      - "3306:3306"
    networks:
      - directus
  directus:
    image: directus/directus:v8-apache
    ports:
      - "5000:80"
    environment:
      DIRECTUS_APP_ENV: "production"
      DIRECTUS_AUTH_PUBLICKEY: "random1"
      DIRECTUS_AUTH_SECRETKEY: "random2"
      DIRECTUS_DATABASE_HOST: "mysql"
      DIRECTUS_DATABASE_PORT: "3306"
      DIRECTUS_DATABASE_NAME: "directus"
      DIRECTUS_DATABASE_USERNAME: "sqluser"
      DIRECTUS_DATABASE_PASSWORD: "sqlpw"
    labels:
      - "virtual.host=sub.mydomain.com www.sub.mydomain.com" # your domains separated with a space
      - "virtual.port=80" # exposed port of this container
      - "virtual.tls-email=admin@mydomain.com" # ssl is now on
    volumes:
      - ./data/config:/var/directus/config
      - ./data/uploads:/var/directus/public/uploads
    networks:
      - directus
```
3. The problem I’m having:
After spending some time yesterday trying to get Caddy running as a reverse proxy via a Caddyfile, I found the caddy-gen Docker image and got it working basically on the go. At least for regular HTTP. When I try to activate SSL by setting the tls.email, Caddy is no longer reachable.
It might be interesting that yesterday I got flagged by Let's Encrypt and I found some errors stating that I used too many renewals. This does not seem to be the problem in this case.
The log suggests that I get a certificate, but there seems to be something wrong during saving of that file.
4. Error messages and/or full log output:
```
caddy.1 | Activating privacy features... 2020/05/02 15:49:26 [INFO][www.sub.mydomain.com] acme: Obtaining bundled SAN certificate
caddy.1 | 2020/05/02 15:49:27 [INFO][] Certificate written to disk: /etc/caddy/acme/acme-v02.api.letsencrypt.org/sites/.crt
caddy.1 | 2020/05/02 15:49:27 open /etc/caddy/acme/acme-v02.api.letsencrypt.org/sites/www.sub.mydomain.com/www.sub.mydomain.com.crt: no such file or directory
forego | starting caddy.1 on port 5200
forego | sending SIGTERM to caddy.1
forego | sending SIGTERM to dockergen.1
dockergen.1 | 2020/05/02 15:49:27 Received signal: terminated
```
5. What I already tried:
Sadly not too much. I'm pretty new to backend and am happy that I got that far. From my understanding there is a discrepancy between the saved file that got received and the file wanted by Caddy.
I'm trying to find the actual files, but I'm also kind of scared of renewing the certificate too often and locking myself out of any SSL for the next week.
Really appreciate any answers pointing me in the right direction.
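
Added example, not part of the original post: a small Python check that makes the discrepancy in the log above explicit by comparing the path Caddy reports writing with the path it then fails to open. The function name `check_cert_paths` and the finding labels are assumptions of this example; the sample lines are copied from the log in the post.

```python
import re
from pathlib import PurePosixPath

# Sample input: the three certificate-related lines from the log in the post.
SAMPLE_LOG = """\
caddy.1 | Activating privacy features... 2020/05/02 15:49:26 [INFO][www.sub.mydomain.com] acme: Obtaining bundled SAN certificate
caddy.1 | 2020/05/02 15:49:27 [INFO][] Certificate written to disk: /etc/caddy/acme/acme-v02.api.letsencrypt.org/sites/.crt
caddy.1 | 2020/05/02 15:49:27 open /etc/caddy/acme/acme-v02.api.letsencrypt.org/sites/www.sub.mydomain.com/www.sub.mydomain.com.crt: no such file or directory
"""

# "[INFO][<name>] Certificate written to disk: <path>"
WRITTEN = re.compile(
    r"\[INFO\]\[(?P<name>[^\]]*)\] Certificate written to disk: (?P<path>\S+)")
# "open <path>: no such file or directory"
MISSING = re.compile(r"\bopen (?P<path>/\S+?): no such file or directory")


def check_cert_paths(log_text):
    """Return (label, path) findings for certificate storage problems."""
    written, findings = [], []
    for line in log_text.splitlines():
        m = WRITTEN.search(line)
        if m:
            path = PurePosixPath(m["path"])
            written.append(path)
            # Empty name in [INFO][] or a bare ".crt" file: the certificate
            # was stored without a site name in its path.
            if not m["name"] or path.name == ".crt":
                findings.append(("unnamed-cert", str(path)))
            continue
        m = MISSING.search(line)
        if m:
            wanted = PurePosixPath(m["path"])
            # The file Caddy tries to load was never reported as written.
            if wanted not in written:
                findings.append(("opened-but-never-written", str(wanted)))
    return findings


if __name__ == "__main__":
    for label, path in check_cert_paths(SAMPLE_LOG):
        print(f"{label}: {path}")
```

Run against the saved container output, this reads only the log, so it does not trigger another certificate request.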