1. Caddy version:
2.6.4
2. How I installed, and run Caddy:
Downloaded from caddyserver.com with duckdns add on
a. System environment:
Synology DSM 7.1.1-42962 Update 4 using Docker
b. Command:
sudo docker-compose up -d
c. Service/unit/compose file:
version: '3'

services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    environment:
      WEBSOCKET_ENABLED: "true" # Enable WebSocket notifications.
    volumes:
      - ./vw-data:/data

  caddy:
    image: caddy:2
    container_name: caddy
    restart: always
    ports:
      - ${CADDY_HTTP_PORT}:80
      - ${CADDY_HTTPS_PORT}:443
    volumes:
      - ./caddy:/usr/bin/caddy # Your custom build of Caddy.
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
    environment:
      DOMAIN: $DUCKDNS_DOMAIN # Your domain.
      EMAIL: $EMAIL # The email address to use for ACME registration.
      TOKEN: $DUCKDNS_TOKEN # Your Duck DNS token.
      LOG_FILE: "/data/access.log"
d. My complete Caddy config:
{$DOMAIN}:443 {
  log {
    level INFO
    output file {$LOG_FILE} {
      roll_size 10MB
      roll_keep 10
    }
  }

  # Use the ACME DNS-01 challenge to get a cert for the configured domain.
  tls {
    dns duckdns {$TOKEN}
  }

  # This setting may have compatibility issues with some browsers
  # (e.g., attachment downloading on Firefox). Try disabling this
  # if you encounter issues.
  encode gzip

  # Notifications redirected to the WebSocket server
  reverse_proxy /notifications/hub vaultwarden:3012

  # Proxy everything else to Rocket
  reverse_proxy vaultwarden:80
}
3. The problem I’m having:
Everything appears to go well but I am unable to open the web page with the following error:
This site can’t provide a secure connection
192.168.1.216 sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
4. Error messages and/or full log output:
{"level":"warn","ts":1676558976.7078424,"logger":"http.acme_client","msg":"HTTP request failed; retrying","url":"https://acme-staging-v02.api.letsencrypt.org/directory","error":"performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": dial tcp: lookup acme-staging-v02.api.letsencrypt.org on 127.0.0.11:53: read udp 127.0.0.1:35696->127.0.0.11:53: i/o timeout"}
{"level":"error","ts":1676558997.2154634,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"bwc-vw.duckdns.org","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": dial tcp: lookup acme-staging-v02.api.letsencrypt.org on 127.0.0.11:53: read udp 127.0.0.1:47122->127.0.0.11:53: i/o timeout"}
{"level":"warn","ts":1676558997.2156646,"logger":"tls.issuance.zerossl","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
{"level":"error","ts":1676559007.2246764,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"bwc-vw.duckdns.org","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": dial tcp: lookup api.zerossl.com on 127.0.0.11:53: read udp 127.0.0.1:36016->127.0.0.11:53: i/o timeout"}
5. What I already tried:
I have uninstalled docker completely and reinstalled everything. I’m still getting the same error.
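
Added example, not part of the original post: a small Python triage of the Caddy log lines in section 4 that groups failed DNS lookups by resolver, to tell a container-wide name-resolution failure apart from a problem at a single ACME endpoint. The sample lines are abridged from the post; `triage` and `is_container_dns_failure` are hypothetical helper names, and 127.0.0.11 is Docker's embedded DNS resolver.

```python
import json
import re

DOCKER_EMBEDDED_DNS = "127.0.0.11"  # resolver Docker provides on user-defined networks

# Go resolver error shape: "lookup <host> on <resolver>:<port>: ... <reason>"
LOOKUP_RE = re.compile(
    r"lookup (?P<host>\S+) on (?P<resolver>[\d.]+):\d+: .*?"
    r"(?P<reason>i/o timeout|no such host|connection refused)"
)

# Abridged from the log lines in the post: timestamps and repeated URLs trimmed.
SAMPLE_LOG = r'''
{"level":"warn","logger":"http.acme_client","msg":"HTTP request failed; retrying","error":"performing request: dial tcp: lookup acme-staging-v02.api.letsencrypt.org on 127.0.0.11:53: read udp 127.0.0.1:35696->127.0.0.11:53: i/o timeout"}
{"level":"error","logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"bwc-vw.duckdns.org","issuer":"acme-v02.api.letsencrypt.org-directory","error":"provisioning client: dial tcp: lookup acme-staging-v02.api.letsencrypt.org on 127.0.0.11:53: read udp 127.0.0.1:47122->127.0.0.11:53: i/o timeout"}
{"level":"warn","logger":"tls.issuance.zerossl","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
{"level":"error","logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"bwc-vw.duckdns.org","issuer":"acme.zerossl.com-v2-DV90","error":"performing EAB credentials request: dial tcp: lookup api.zerossl.com on 127.0.0.11:53: read udp 127.0.0.1:36016->127.0.0.11:53: i/o timeout"}
'''


def triage(log_text):
    """Return ({resolver: {hosts that failed to resolve}}, {issuers that gave up})."""
    failures, issuers = {}, set()
    for line in log_text.splitlines():
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank, truncated, or non-JSON line
        if not isinstance(entry, dict):
            continue
        match = LOOKUP_RE.search(str(entry.get("error", "")))
        if not match:
            continue
        failures.setdefault(match["resolver"], set()).add(match["host"])
        if entry.get("logger") == "tls.obtain":
            issuers.add(entry.get("issuer"))
    return failures, issuers


def is_container_dns_failure(failures):
    """True when every failed lookup went through Docker's embedded resolver and
    more than one unrelated hostname failed, i.e. the container cannot resolve
    names at all rather than one CA endpoint being unreachable."""
    hosts = set().union(*failures.values()) if failures else set()
    return set(failures) == {DOCKER_EMBEDDED_DNS} and len(hosts) > 1


if __name__ == "__main__":
    failures, issuers = triage(SAMPLE_LOG)
    print("failed lookups by resolver:", failures)
    print("issuers without a certificate:", issuers)
    print("container DNS failure:", is_container_dns_failure(failures))
```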