1. The problem I’m having:
I have a pi running a docker compose containers for caddy and vaultwarden that is publicly accessible. This has been up and running for months but the certificate seems to have failed updating.
2. Error messages and/or full log output:
Here is the error output from from curl- vL https://localhost
:
3. Caddy version: v2.6.4
4. How I installed and ran Caddy:
I installed Caddy and Vaultwarden images into docker compose containers. I run the containers by running docker compose start
or docker compose up
.
a. System environment:
Running this in docker compose containers on a raspberry pi version 11 (bullseye).
b. Command:
Any caddy commands I run are through the docker container
c. Service/unit/compose file:
version: '3'
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: always
environment:
WEBSOCKET_ENABLED: "true" # Enable WebSocket notifications.
volumes:
- ./vw-data:/data
caddy:
image: caddy:2
container_name: caddy
restart: always
ports:
- 80:80 # Needed for the ACME HTTP-01 challenge.
- 443:443
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- ./caddy-config:/config
- ./caddy-data:/data
environment:
DOMAIN: "https://bitnite.net" # Your domain.
EMAIL: "<email>" # The email address to use for ACME registration.
LOG_FILE: "/data/access.log"
d. My complete Caddy config:
{$DOMAIN}:443 {
log {
level INFO
output file {$LOG_FILE} {
roll_size 10MB
roll_keep 10
}
}
# Use the ACME HTTP-01 challenge to get a cert for the configured domain.
tls {$EMAIL}
# This setting may have compatibility issues with some browsers
# (e.g., attachment downloading on Firefox). Try disabling this
# if you encounter issues.
encode gzip
# Notifications redirected to the WebSocket server
reverse_proxy /notifications/hub vaultwarden:3012
# Proxy everything else to Rocket
reverse_proxy vaultwarden:80 {
# Send the true remote IP to Rocket, so that vaultwarden can put this in the
# log, so that fail2ban can ban the correct IP.
header_up X-Real-IP {remote_host}
}
}
Thanks for any help.