Caddy v1 help - Stuck: Activating privacy features

### 1. Caddy version (`caddy version`):

1

### 2. How I run Caddy:

I run Caddy on Windows from a command line.

a. System environment:

Windows

b. Command:

Caddy -agree=true

c. Service/unit/compose file:

```
UNITYHOME.ONLINE, http://192.168.1.126:2015 www.unityhome.online {

    tls MY_EMAIL_ADDRESS
    timeouts none
    gzip

    proxy /torrents/ http://192.168.1.104:9921/ {
        without /torrents
        websocket
        transparent
    }

    proxy /security http://192.156.1.104:9925/Alexa/values/ {
        without /security
        websocket
        transparent
    }

    # Optional security headers
    header / {
        -Server
        Strict-Transport-Security "max-age=31536000;"
        Cache-Control "public, max-age=31536000"
        Referrer-Policy "strict-origin"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
    }

    errors {
        404 /redir-target/NoSignal404.html
        320 /redir-target/NoSignal404.html
        402 /redir-target/NoSignal404.html
    }

    nobots "https://blog.haschek.at/tools/bomb.php" {
        "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
        "Googlebot/2.1 (+http://www.google.com/bot.html)"
        "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
        "Googlebot-News"
        "Googlebot-Image/1.0"
        "Googlebot-Video/1.0"
        "compatible; Mediapartners-Google/2.1; +http://www.google.com/bot.html"
        "Mediapartners-Google"
        "AdsBot-Google (+http://www.google.com/adsbot.html)"
        "AdsBot-Google-Mobile-Apps"
        "APIs-Google (+https://developers.google.com/webmasters/APIs-Google.html)"
        regexp "Googlebot"
        public "^/public"
        public "^/[a-z]{,5}/public"
    }

    # Optional logging
    log home.log

}

automation.unityhome.online http://192.168.1.126:2021 {

    tls MY_EMAIL_ADDRESS
    timeouts none
    gzip

    proxy / 192.168.1.15 {
        without /automation
        websocket
        transparent
    }

    header / {
        -Server
        Access-Control-Allow-Origin "https://unityhome.online"
        Access-Control-Allow-Methods "GET, POST, OPTIONS"
        Strict-Transport-Security "max-age=31536000;"
        Cache-Control "public, max-age=31536000"
        Referrer-Policy "strict-origin"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
    }

    errors {
        404 /redir-target/NoSignal404.html
        502 /redir-target/NoSignal404.html
        320 /redir-target/NoSignal404.html
        401 /redir-target/NoSignal404.html
    }

    # Optional logging

    basicauth / admin pass

}

camera.unityhome.online http://192.168.1.126:2028 {

    tls MY_EMAIL_ADDRESS
    timeouts none
    gzip

    proxy / 192.168.1.104:9925/Alexa/values {
        websocket
        transparent
    }

    header / {
        -Server
        Access-Control-Allow-Origin "https://unityhome.online"
        Access-Control-Allow-Methods "GET, POST, OPTIONS"
        Strict-Transport-Security "max-age=31536000;"
        Cache-Control "public, max-age=31536000"
        Referrer-Policy "strict-origin"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
    }

    errors {
        404 /redir-target/NoSignal404.html
        502 /redir-target/NoSignal404.html
        320 /redir-target/NoSignal404.html
        401 /redir-target/NoSignal404.html
    }

    # Optional logging

}

tor.unityhome.online http://192.168.1.126:2018 {

    tls MY_EMAIL_ADDRESS
    timeouts none
    gzip

    proxy / http://192.168.1.104:9921/ {
        websocket
        transparent
    }

    header / {
        -Server
        Access-Control-Allow-Origin "https://unityhome.online"
        Access-Control-Allow-Methods "GET, POST, OPTIONS"
        Strict-Transport-Security "max-age=31536000;"
        Cache-Control "public, max-age=31536000"
        #Referrer-Policy "strict-origin"
        X-XSS-Protection "1; mode=block"
        X-Frame-Options "DENY"
    }

    errors {
        404 /redir-target/NoSignal404.html
        502 /redir-target/NoSignal404.html
        401 /redir-target/NoSignal404.html
        320 /redir-target/NoSignal404.html
    }

    basicauth / admin pass

    # Optional logging
    log tor.log
}

theater.unityhome.online http://192.168.1.126:2022 {

    tls MY_EMAIL_ADDRESS
    timeouts none
    gzip
    cors / {
        origin            *
        origin            *
        methods           GET
        allowed_headers   *
    }
    proxy / 192.168.1.126:8096 {
        websocket
        transparent
    }

    header / {
        -Server
        Access-Control-Allow-Origin  *
        Access-Control-Allow-Methods "GET, POST, OPTIONS"
        Strict-Transport-Security "max-age=31536000;"
        Cache-Control "public, max-age=31536000"
        Referrer-Policy "strict-origin"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
    }

    errors {
        404 /redir-target/NoSignal404.html
        320 /redir-target/NoSignal404.html
    }

    nobots "https://blog.haschek.at/tools/bomb.php" {
        "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
        "Googlebot/2.1 (+http://www.google.com/bot.html)"
        "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
        "Googlebot-News"
        "Googlebot-Image/1.0"
        "Googlebot-Video/1.0"
        "compatible; Mediapartners-Google/2.1; +http://www.google.com/bot.html"
        "Mediapartners-Google"
        "AdsBot-Google (+http://www.google.com/adsbot.html)"
        "AdsBot-Google-Mobile-Apps"
        "APIs-Google (+https://developers.google.com/webmasters/APIs-Google.html)"
        regexp "Googlebot"
        public "^/public"
        public "^/[a-z]{,5}/public"
    }

    # Optional logging
    log theater.log

}
```



### 3. The problem I'm having:
Everything was working, and then yesterday I was unable to start the Caddy service. The command line says "Activating privacy features"; however, unlike most of the times I start the service, that is all it is doing.

### 4. Error messages and/or full log output:


### 5. What I already tried:

I opened the ".caddy" folder, and renamed the following folders:

acme -> acme_bak
lock -> lock_bak
ocsp -> ocsp_bak

After renaming the folders, I ran Caddy again from command line, but this time there was an error:

"Failed to get certificate: acme : Error 400..."
"Timeout during connect (likely a fire wall problem"

I checked that my Windows firewall was allowing both port 80 and 443.
I also checked that my network was allowing Let's Encrypt.

Next, I removed "_bak" from the folder names, and tried Caddy again. 

It seems to be stuck on "Activating privacy features".

### 6. Links to relevant resources:

Slight update.

I combed through my Ubiquiti network settings (it’s a newer setup) and I found my firewall/port forwarding settings.

I made sure to double and triple check my port settings for caddy.

Now the service will spin up; however, the privacy settings are taking quite a long time to start up.

Perhaps my Ubiquiti system is causing this.

I will post if I find more information.

We don’t support Caddy v1 anymore. 🙁 But I agree with the error message and your reply, it is likely a firewall or network config issue. The ACME CA couldn’t reach your Caddy instance.

Please upgrade to v2 as soon as you can. 🙂

Matt, how hard is it to upgrade to Caddy v2?

I’ve read some of the documentation, but I’m a little lost. The documentation is fine, it’s just a little out of my wheelhouse… I think.

Is there someone available to help explain to me what my old Caddyfile parameters would look like in v2?

I get lost when attempting to create a proxy, and I’m not sure if I should use the JSON or Caddyfile configs.

I realize people are super busy, I will get it eventually. I will trial and error… That is usually how I learn anyway.
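
As an added illustration of the v1-to-v2 translation asked about above (not written by any poster in this thread and not the Caddy project's own output), here is how the `tor.unityhome.online` block and the `/torrents/` proxy from the first post might look as a v2 Caddyfile. It assumes Caddy 2.8 or later (earlier v2 releases spell the directive `basicauth`), uses a placeholder where the hash printed by `caddy hash-password` goes, and leaves out the `errors`, `timeouts` and plain-HTTP LAN address parts of the original.

```caddyfile
# Added example: v2 equivalent of part of the v1 Caddyfile in the first post.
{
	# Replaces the per-site "tls MY_EMAIL_ADDRESS" lines (ACME account e-mail).
	email MY_EMAIL_ADDRESS
}

tor.unityhome.online {
	encode gzip

	# v1 "basicauth / admin pass" kept the password in plain text.
	# v2 expects a hash; HASHED_PASSWORD_PLACEHOLDER stands for the
	# output of `caddy hash-password`.
	basic_auth {
		admin HASHED_PASSWORD_PLACEHOLDER
	}

	header {
		-Server
		Access-Control-Allow-Origin "https://unityhome.online"
		Access-Control-Allow-Methods "GET, POST, OPTIONS"
		Strict-Transport-Security "max-age=31536000;"
		# Carried over from v1; "public" lets shared caches store
		# responses from this password-protected site.
		Cache-Control "public, max-age=31536000"
		X-XSS-Protection "1; mode=block"
		X-Frame-Options "DENY"
	}

	# v1 "websocket" and "transparent" are not needed: v2 proxies
	# WebSockets, passes the Host header through and adds
	# X-Forwarded-For by default.
	reverse_proxy 192.168.1.104:9921

	log {
		output file tor.log
	}
}

unityhome.online, www.unityhome.online {
	encode gzip

	# v1 "proxy /torrents/ ... { without /torrents }":
	# handle_path strips the matched prefix before proxying.
	handle_path /torrents/* {
		reverse_proxy 192.168.1.104:9921
	}
}
```

Automatic HTTPS in v2 still needs the ACME CA to reach ports 80 and 443 from outside, so the port-forwarding fix described earlier in the thread applies unchanged.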
