Caddy in docker compose

viko · June 15, 2023, 7:15pm

1. The problem I’m having:

Hi! I’m using a docker-compose with caddy (ports 80:80 and 443:443), but when docker-compose is up, the logs of caddy are:
… authorization failed: HTTP 0 - (ca=https://acme.zerossl.com/v2/DV90)",“attempt”:7,“retrying_in”:1200,“elapsed”:2673.503534964,“max_duration”:2592000}

2. Error messages and/or full log output:

... authorization failed: HTTP 0  -  (ca=https://acme.zerossl.com/v2/DV90)","attempt":7,"retrying_in":1200,"elapsed":2673.503534964,"max_duration":2592000}

3. Caddy version:

v2.6.4

4. How I installed and ran Caddy:

a. System environment:

Docker

b. Command:

 caddy:
    image: caddy:latest
    restart: unless-stopped
    networks:
      - caddy-internal
    ports:
      - 80:80
      - 443:443
    volumes:
      - $PWD/Caddyfile:/etc/caddy/Caddyfile
      - ./caddy_data:/data
      - ./caddy_config:/config

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

#Caddyfile:
testsite.ddns.net {
    reverse_proxy keycloak:8080
}

5. Links to relevant resources:

Someone can help me?

Thank you.

Whitestrake · June 15, 2023, 11:47pm

Howdy @viko, welcome to the Caddy community.

The first question I have to ask, given the result of HTTP 0, is: does your firewall allow access on ports 80 and 443?

The second question is: does your DNS point to the correct IP address?

I did a quick check of testsite.ddns.net and got a response from an NGINX server instead.

viko · June 16, 2023, 12:42pm

@Whitestrake thank you for your support. Yes, firewall allow access on ports 80 and 443. Sorry, but the real address is ommited (testsite.ddns.net is just to illustrate).

Whitestrake · June 19, 2023, 12:52am

Gotcha. We recommend people don’t redact their domain names in this way - disregarding that it can confuse troubleshooting, somebody else actually utilizes that domain and might not appreciate you linking it here. For those purposes, example.com, example.net and the entire .example TLD are reserved by IANA for demonstration purposes.

When I did some quick Googling of HTTP 0 error response from ZeroSSL, I only really noted a few instances of no access (firewall, wrong IP address, etc) from the ACME provider to the client. Without more context and logs, I’m not sure I can steer you any better to troubleshoot.

system · July 19, 2023, 12:52am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.