1. Output of caddy version:
v2.5.2 h1:eCJdLyEyAGzuQTa5Mh3gETnYWDClo1LjtQm2q9RNZrs
2. How I run Caddy:
a. System environment:
Running caddy on Ubuntu 22.04.1 LTS
b. Command:
caddy run -config caddyfile.json
c. My complete Caddy config:
{
  "logging": {
    "logs": {
      "default": {
        "writer": {
          "output": "stdout"
        },
        "level": "debug"
      }
    }
  },
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "listen": [
            ":443"
          ],
          "routes": [
            {
              "handle": [
                {
                  "handler": "reverse_proxy",
                  "upstreams": [
                    {
                      "dial": "<redacted>:8081"
                    }
                  ]
                }
              ]
            }
          ],
          "tls_connection_policies": [
            {}
          ]
        }
      }
    },
    "tls": {
      "automation": {
        "policies": [
          {
            "issuers": [
              {
                "module": "acme",
                "ca": "https://acme-staging-v02.api.letsencrypt.org/directory",
                "challenges": {
                  "dns": {
                    "provider": {
                      "name": "powerdns",
                      "api_token": "<redacted>",
                      "server_url": "<redacted>",
                      "server_id": "localhost"
                    },
                    "ttl": 300
                  }
                }
              }
            ],
            "on_demand": true
          }
        ],
        "on_demand": {
          "ask": "http://<redacted>/ask"
        }
      },
      "cache": {
        "capacity": 1000
      }
    }
  }
}
3. The problem I’m having:
When trying to issue certificates with Caddy's DNS modules, I noticed that the TTL field (mentioned here in the docs: JSON Config Structure - Caddy Documentation) does not seem to have any effect. For context, I use the following libdns module: GitHub - Splamy/powerdns: libdns powerdns provider, as it seems to have fixed a minor bug that is still present in the official libdns module for powerdns (GitHub - libdns/powerdns: libdns powerdns provider). Also, I use the following caddy-dns package to build Caddy: GitHub - Splamy/caddydns-powerdns.
Everything is working fine, all certs are issued properly, but the TTL of the TXT record for the challenge always seems to be set to 0. Now, my guess is that the setting in the Caddy config mentioned above is always overwritten (or never even accepted) with whatever the libdns module specifies when creating the TXT record. In that case, the caddy-dns package should be able to read the config entry for TTL and pass it to the libdns module, which in turn sets that value when creating the record? I see that none of the other major libdns provider modules seem to support that, which is why I am not quite sure if I am correct here.
Don't get me wrong, if the above is the case, that functionality must be handled by the respective libdns modules and caddy-dns packages, not by Caddy itself (as they seem to be maintained by the community). I would just like to confirm that my assumptions are correct. In that case, I will probably have to fork the repos myself and add the wanted functionality.
5. What I already tried:
I tried to set the TTL field with other provider modules (Cloudflare etc.), but these also seem to overwrite the TTL with zero.
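An added check, not from the post above and not Caddy's or libdns's own code: a small Go program that reimplements how a JSON duration field decodes when it is backed by Go's time.Duration (a quoted string goes through time.ParseDuration, a bare number is taken as nanoseconds) and reports the resulting TTL in whole seconds, which is the unit a DNS provider writes to the TXT record. It assumes Caddy's ttl field decodes this way (Caddy documents it as a duration); the Duration type, dnsChallengeConfig and TTLSeconds are this example's own names.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// Duration decodes a JSON duration the way a time.Duration-backed field does:
// a quoted string is parsed by time.ParseDuration, a bare number is nanoseconds.
// This is a reimplementation for illustration, not Caddy's own type.
type Duration time.Duration

func (d *Duration) UnmarshalJSON(b []byte) error {
	if len(b) > 1 && b[0] == '"' && b[len(b)-1] == '"' {
		parsed, err := time.ParseDuration(strings.Trim(string(b), `"`))
		if err != nil {
			return err
		}
		*d = Duration(parsed)
		return nil
	}
	var ns int64 // bare JSON number: interpreted as nanoseconds
	if err := json.Unmarshal(b, &ns); err != nil {
		return err
	}
	*d = Duration(time.Duration(ns))
	return nil
}

// dnsChallengeConfig holds only the field this check cares about (hypothetical name).
type dnsChallengeConfig struct {
	TTL Duration `json:"ttl,omitempty"`
}

// TTLSeconds decodes a DNS challenge JSON fragment and returns the TTL in whole
// seconds, i.e. the value a provider would put on the TXT record.
func TTLSeconds(fragment string) (int, error) {
	var cfg dnsChallengeConfig
	if err := json.Unmarshal([]byte(fragment), &cfg); err != nil {
		return 0, err
	}
	return int(time.Duration(cfg.TTL).Seconds()), nil
}

func main() {
	// Constructed sample fragments: a bare number versus duration strings.
	for _, f := range []string{`{"ttl": 300}`, `{"ttl": "300s"}`, `{"ttl": "5m"}`} {
		secs, err := TTLSeconds(f)
		fmt.Printf("%-16s -> %d seconds (err=%v)\n", f, secs, err)
	}
}
```

A bare 300 comes out as 0 whole seconds (300 nanoseconds), while "300s" and "5m" both come out as 300, so the first thing to compare against the provider logs is which form the running config actually uses.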