1. Caddy version (caddy version
):
v2.4.5 h1:P1mRs6V2cMcagSPn+NWpD+OEYUYLIf6ecOa48cFGeUg=
2. How I run Caddy:
I reverse proxy to my nodeJS backend which uses express
a. System environment:
ubuntu-20.04-x86_64
b. Command:
caddy run
c. Service/unit/compose file:
N/A
d. My complete Caddyfile or JSON config:
lukhub.com {
reverse_proxy http://127.0.0.1:5000
}
masectechniek.nl {
reverse_proxy http://127.0.0.1:12345
}
www.masectechniek.nl {
redir https://masectechniek.nl{uri}
}
http://ws.lukhub.com {
reverse_proxy http://127.0.0.1:3000
}
http://galaxyws.lukhub.com {
reverse_proxy http://127.0.0.1:6969
}
3. The problem I’m having:
Caddy is erroring on startup
4. Error messages and/or full log output:
(dont know how to add debug to global options)
2021/09/05 09:51:38.777 INFO using adjacent Caddyfile
2021/09/05 09:51:38.779 WARN input is not formatted with 'caddy fmt' {"adapter": "caddyfile", "file": "Caddyfile", "line": 2}
2021/09/05 09:51:38.785 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/09/05 09:51:38.787 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2021/09/05 09:51:38.787 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2021/09/05 09:51:38.787 INFO http server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server {"server_name": "srv1", "http_port": 80}
2021/09/05 09:51:38.787 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0002bc690"}
2021/09/05 09:51:38.787 INFO http enabling automatic TLS certificate management {"domains": ["masectechniek.nl", "lukhub.com", "www.masectechniek.nl"]}
2021/09/05 09:51:38.788 INFO tls cleaning storage unit {"description": "FileStorage:/root/.local/share/caddy"}
2021/09/05 09:51:38.798 INFO tls finished cleaning storage units
2021/09/05 09:51:38.799 INFO autosaved config (load with --resume flag) {"file": "/root/.config/caddy/autosave.json"}
2021/09/05 09:51:38.799 INFO serving initial configuration
2021/09/05 09:51:38.799 INFO tls.renew acquiring lock {"identifier": "masectechniek.nl"}
2021/09/05 09:51:38.799 INFO tls.renew acquiring lock {"identifier": "www.masectechniek.nl"}
2021/09/05 09:51:38.801 INFO tls.renew lock acquired {"identifier": "www.masectechniek.nl"}
2021/09/05 09:51:38.802 INFO tls.renew lock acquired {"identifier": "masectechniek.nl"}
2021/09/05 09:51:38.802 INFO tls.renew renewing certificate {"identifier": "www.masectechniek.nl", "remaining": 2591412.197069592}
2021/09/05 09:51:38.803 INFO tls.renew renewing certificate {"identifier": "masectechniek.nl", "remaining": 2589012.196689274}
2021/09/05 09:51:38.803 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["www.masectechniek.nl"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2021/09/05 09:51:38.804 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["www.masectechniek.nl"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2021/09/05 09:51:38.804 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["masectechniek.nl"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2021/09/05 09:51:38.804 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["masectechniek.nl"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2021/09/05 09:51:39.848 ERROR tls.renew could not get certificate from issuer {"identifier": "masectechniek.nl", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/"}
2021/09/05 09:51:39.849 WARN tls.issuance.zerossl missing email address for ZeroSSL; it is strongly recommended to set one for next time
2021/09/05 09:51:40.515 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "www.masectechniek.nl", "challenge_type": "http-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2021/09/05 09:51:40.585 INFO tls.issuance.zerossl generated EAB credentials {"key_id": "2SBMd440QcjBycwQE3RxRQ"}
2021/09/05 09:51:41.855 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["masectechniek.nl"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2021/09/05 09:51:41.855 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["masectechniek.nl"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2021/09/05 09:51:42.830 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "masectechniek.nl", "challenge_type": "http-01", "ca": "https://acme.zerossl.com/v2/DV90"}
2021/09/05 09:51:43.784 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "www.masectechniek.nl", "challenge_type": "http-01", "status_code": 400, "problem_type": "urn:ietf:params:acme:error:connection", "error": "Fetching http://www.masectechniek.nl/.well-known/acme-challenge/bXdMqSGGGSKTO_rJeAkVuNh1okrUWIt0JEaUdwnjnQM: Error getting validation data"}
2021/09/05 09:51:43.784 ERROR tls.issuance.acme.acme_client validating authorization {"identifier": "www.masectechniek.nl", "error": "authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - Fetching http://www.masectechniek.nl/.well-known/acme-challenge/bXdMqSGGGSKTO_rJeAkVuNh1okrUWIt0JEaUdwnjnQM: Error getting validation data", "order": "https://acme-v02.api.letsencrypt.org/acme/order/122561336/22170182860", "attempt": 1, "max_attempts": 3}
2021/09/05 09:51:45.053 ERROR tls.renew could not get certificate from issuer {"identifier": "www.masectechniek.nl", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/"}
2021/09/05 09:51:45.053 WARN tls.issuance.zerossl missing email address for ZeroSSL; it is strongly recommended to set one for next time
2021/09/05 09:51:45.478 INFO tls.issuance.zerossl generated EAB credentials {"key_id": "rOde4UoQr6xefgIcP5U1Rw"}
2021/09/05 09:51:46.433 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["www.masectechniek.nl"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2021/09/05 09:51:46.434 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["www.masectechniek.nl"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2021/09/05 09:51:47.253 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "www.masectechniek.nl", "challenge_type": "http-01", "ca": "https://acme.zerossl.com/v2/DV90"}
5. What I already tried:
I’ve restarted my vps, I’ve double checked the ips in my domain provider, I’ve browsed the forum looking for simular problems but found nothing
6. Links to relevant resources:
N/A