I enabled the debug option. The Docker container is running. Here are the logs:
{"level":"info","ts":1680495616.4855783,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1680495616.4956822,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"info","ts":1680495616.4980655,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1680495616.4981515,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1680495616.4982371,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000455810"}
{"level":"info","ts":1680495616.4998982,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
{"level":"info","ts":1680495616.5002074,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
{"level":"info","ts":1680495616.5003085,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1680495616.5013182,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Receive-Buffer-Size for details."}
{"level":"info","ts":1680495616.5016832,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1680495616.5033932,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
{"level":"info","ts":1680495616.5035007,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["<my domain>"]}
{"level":"info","ts":1680495616.505373,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1680495616.5054524,"msg":"serving initial configuration"}
{"level":"info","ts":1680495616.508898,"logger":"tls.obtain","msg":"acquiring lock","identifier":"<my domain>"}
{"level":"info","ts":1680495616.5172265,"logger":"tls.obtain","msg":"lock acquired","identifier":"<my domain>"}
{"level":"info","ts":1680495616.5177596,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"<my domain>"}
{"level":"info","ts":1680495617.267371,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["<my domain>"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"kapil.v.k@firstqa.com"}
{"level":"info","ts":1680495617.2674541,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["<my domain>"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"kapil.v.k@firstqa.com"}
{"level":"info","ts":1680495617.6598408,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"<my domain>","challenge_type":"http-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1680495618.5626292,"logger":"http.acme_client","msg":"challenge failed","identifier":"<my domain>","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"my IP: Fetching http://<my domain>/.well-known/acme-challenge/q4Ha3lQ6kLRDKBeMgsfy7QwaX4v8_V8lRTTZ-sCouA4: Error getting validation data","instance":"","subproblems":[]}}
{"level":"error","ts":1680495618.5627105,"logger":"http.acme_client","msg":"validating authorization","identifier":"<my domain>","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"my IP: Fetching http://<my domain>/.well-known/acme-challenge/q4Ha3lQ6kLRDKBeMgsfy7QwaX4v8_V8lRTTZ-sCouA4: Error getting validation data","instance":"","subproblems":[]},"order":"https://acme-v02.api.letsencrypt.org/acme/order/1042236957/173881597387","attempt":1,"max_attempts":3}
curl -v https://:4202
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -12263 (SSL_ERROR_RX_RECORD_TOO_LONG)
* SSL received a record that exceeded the maximum permissible length.
* Closing connection 0
curl: (35) SSL received a record that exceeded the maximum permissible length.
Caddyfile:
{
    debug
}
<my domain> {
    header {
        Strict-Transport-Security "max-age=31536000; includeSubdomains; preload;"
        # "nosniff" (one word) is the only valid value for this header
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
        Referrer-Policy "no-referrer-when-downgrade"
    }
    encode gzip
    root * /srv/public_html
    file_server
}
Is bind 127.0.0.1 needed in the Caddyfile?