Caddy Server Cloudflare on Mac

Hi,

I’m trying to get a caddy server going with a subdomain I have on cloudflare, pointing to a static IP, which our router is set up to translate internally.

I’m on Mac OS…to test, I issue these commands to set the environment variables…I’m not sure how to permanently set these yet so I just put these into terminal and it takes them…

CLOUDFLARE_EMAIL=EMAIL
CLOUDFLARE_API_KEY=KEY

I have a super simple caddy file …

ucliqed.insigniam.com

{
ext .html .htm .php
root /private/etc/caddy/ # site location, change it to where the html root is on your system/OS
tls {
dns cloudflare
}

 proxy / http://192.168.9.7:3333  {        
 transparent

}
}

However I’m getting an error during parsing…

2019/07/23 11:05:49 Caddyfile:7 - Error during parsing: Setting up DNS provider 'cloudflare': cloudflare: some credentials information are missing: CLOUDFLARE_EMAIL,CLOUDFLARE_API_KEY

What am I missing?

Ultimately I’d love to use caddy to set up HTTPS on a few hosted services we run on the Mac Mini Server and to experiment easily with new ones in a secure environment.

Help? Thanks!

Also, I guess it’s worth noting, I only chose the Cloudflare plugin because we use Cloudflare to host our DNS, no other reason. If it’s not necessary, I could go without the plugin if that is one way to solve the issue.

I assumed it was necessary and since we use Cloudflare, chose it.

More follow up, I’ve used the commands for macOS to set the variables export CLOUDFLARE_EMAIL=EMAIL and so on, then checked them with the env command, and they are listed…still same error…hmm what gives!

Whenever you run Caddy (including if done in scripts or unit/service files), add the -env flag and see what it says; make sure those variables are printed.

I’m not as familiar with the mac setup, but on linux, I had to put the env variable in the caddy.service file.

Environment="CLOUDFLARE_EMAIL=myemail@email.com"
Environment="CLOUDFLARE_API_KEY=theapikey"

Thanks @matt

Hmm so when I just run env … the variables are there.

When I run caddy with the -env flag…they aren’t!

Hmm, what would that indicate

-r

It likely means Caddy isn’t being run in the same context (e.g. the same shell/user) as the context in which those variables were set.

How do you run Caddy?

Hmm interesting, plain old terminal, and I dropped caddy in the prescribed location…this not being a fresh server, or due to it being on Sierra, is likely the problem, or one of them…I can use an alternate machine unless this is likely an easy fix?

What command do you actually use to run Caddy? And are you setting the environmental variables in the same shell as the one you run that command?

I’m running sudo caddy normally.

I think it might have something to do with security…I also get an error with trying to solve TLS ALPN 01 error presenting token when running nothing but caddy and the domain…the getting started intro information I don’t think applies any longer, just moving into usr/local/bin…doesn’t work…won’t load

Here’s your problem - you’re not running it in your own environment, you’re running it in a new environment (as a different user, probably root). Per man sudo:

sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy.

A bit further down the man page, it elaborates:

When sudo executes a command, the security policy specifies the execution environment for the command.

You want to look into using the -E, --preserve-env flag:

Indicates to the security policy that the user wishes to preserve their existing environment variables.

Alternately:

Environment variables to be set for the command may also be passed on the command line in the form of VAR=value, e.g. LD_LIBRARY_PATH=/usr/local/pkg/lib.

Note the examples in the Synopsis section.
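
A small check for the situation diagnosed in this thread, as an added example that is not part of any post: it reports which of the two Cloudflare variables are missing inside a process started through a given launcher (nothing, sudo, sudo -E), printing names only and never values. The function name missing_creds and the placeholder values in the comments are assumptions made for this example.

```sh
#!/bin/sh
# Added example: show which credentials survive a launcher such as sudo.
# Variable names come from the Caddy error message quoted in the thread.
REQUIRED_VARS="CLOUDFLARE_EMAIL CLOUDFLARE_API_KEY"

# missing_creds [LAUNCHER...]
# Starts a child /bin/sh through LAUNCHER and prints the names of the
# required variables that are unset or empty in that child. Values are
# never printed, so the output is safe to paste into a forum post.
# Exit status is 0 only when nothing is missing.
missing_creds() {
    "$@" /bin/sh -c '
        missing=""
        for name in "$@"; do
            # Indirect lookup of the variable named in $name.
            eval "value=\${$name:-}"
            [ -n "$value" ] || missing="$missing${missing:+ }$name"
        done
        printf "%s\n" "$missing"
        [ -z "$missing" ]
    ' check $REQUIRED_VARS
}

# Typical session (placeholder values, constructed for this example):
#
#   export CLOUDFLARE_EMAIL=EMAIL CLOUDFLARE_API_KEY=KEY
#   missing_creds            # prints an empty line: the shell has both
#   missing_creds sudo       # prints both names if the sudo policy
#                            # resets the environment
#   missing_creds sudo -E    # empty again if the policy allows -E
#   missing_creds sudo CLOUDFLARE_EMAIL=EMAIL CLOUDFLARE_API_KEY=KEY
#
# The last form puts the API key on the sudo command line, where it is
# visible in the process list and shell history; -E passes the caller's
# whole environment to the root process, not only these two variables.

# Run as a script: ./check_env.sh sudo -E
if [ "$#" -gt 0 ]; then
    missing_creds "$@"
fi
```

Whatever launcher comes back with an empty line is the one to put in front of caddy -env to confirm that Caddy itself sees both variables.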