Caddy v2.6.1 Crashing - Status=2/INVALIDARGUMENT

Help
1

1. Output of caddy version:

v2.6.1 h1:EDqo59TyYWhXQnfde93Mmv4FJfYe00dO60zMiEt+pzo=

2. How I run Caddy:

a. System environment:

|Distributor ID:|Debian|
|Description:|Debian GNU/Linux 10 (buster)|
|Release:|10|
|Codename:|buster|

b. Command:

sudo systemctl restart caddy.service

c. Service/unit/compose file:

# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
#Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddy config:

{
	on_demand_tls {
		ask http://builder.mp-app.com/php/caddyAsk.php
		interval 2m
		burst 5
	}
}

https://

tls {
	on_demand
}
reverse_proxy 198.58.122.179

3. The problem I’m having:

Caddy has been stable for weeks and today it is starting to crash often.

4. Error messages and/or full log output:

jimcook@mpaproxy:~$ sudo systemctl status caddy.service
sudo: unable to resolve host mpaproxy: Name or service not known
[sudo] password for jimcook: 
● caddy.service - Caddy
   Loaded: loaded (/etc/systemd/system/caddy.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Mon 2022-10-10 16:51:46 EDT; 25min ago
     Docs: https://caddyserver.com/docs/
  Process: 14010 ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile (code=exited, status=2)
 Main PID: 14010 (code=exited, status=2)

Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.(*Config).renewCert(0xc00068ed10, {0x1e1c6a0, 0xc0001d4ea0}, {0xc000138a20, 0x11}, 0x0, 0x0)
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/config.go:860 +0x58b
Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.(*Config).RenewCertAsync(...)
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/config.go:690
Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.(*Config).renewDynamicCertificate.func3({0x1e1c6a0, 0xc0001d4ea0}, 0xc0008526f0?)
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/handshake.go:664 +0x2ac
Oct 10 16:51:46 mpaproxy caddy[14010]: created by github.com/caddyserver/certmagic.(*Config).renewDynamicCertificate
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/handshake.go:699 +0x1293
Oct 10 16:51:46 mpaproxy systemd[1]: caddy.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Oct 10 16:51:46 mpaproxy systemd[1]: caddy.service: Failed with result 'exit-code'.

5. What I already tried:

I have restarted caddy several times

6. Links to relevant resources:

2

Looking at journalctl, I and finding this:

Oct 10 16:51:46 mpaproxy caddy[14010]: {"level":"warn","ts":1665435106.8368962,"logger":"http.acme_client","msg":"HTTP request failed; retrying","url":"https://acme.zerossl.com/v2/DV90/authz/vBmJkYahg6GZZVvf3wQ9OQ","error":"performing request: Post \"https://acme.zerossl.com/v2/DV90/authz/vBmJkYahg6GZZVvf3wQ9OQ\": context deadline exceeded"}
Oct 10 16:51:46 mpaproxy caddy[14010]: {"level":"warn","ts":1665435106.837212,"logger":"http.acme_client","msg":"HTTP request failed; retrying","url":"https://acme.zerossl.com/v2/DV90/authz/vBmJkYahg6GZZVvf3wQ9OQ","error":"performing request: Post \"https://acme.zerossl.com/v2/DV90/authz/vBmJkYahg6GZZVvf3wQ9OQ\": context deadline exceeded"}
Oct 10 16:51:46 mpaproxy caddy[14010]: {"level":"error","ts":1665435106.837227,"logger":"http.acme_client","msg":"deactivating authorization","identifier":"www.helium.gratis","authz":"https://acme.zerossl.com/v2/DV90/authz/vBmJkYahg6GZZVvf3wQ9OQ","error":"attempt 1: https://acme.zerossl.com/v2/DV90/authz/vBmJkYahg6GZZVvf3wQ9OQ: context deadline exceeded"}
Oct 10 16:51:46 mpaproxy caddy[14010]: {"level":"error","ts":1665435106.8372457,"logger":"tls.renew","msg":"could not get certificate from issuer","identifier":"www.helium.gratis","issuer":"acme.zerossl.com-v2-DV90","error":"[www.helium.gratis] solving challenges: [www.helium.gratis] checking authorization status: attempt 1: https://acme.zerossl.com/v2/DV90/authz/vBmJkYahg6GZZVvf3wQ9OQ: context deadline exceeded (order=https://acme.zerossl.com/v2/DV90/order/v-STJGqGCodNvJAywfXiSw) (ca=https://acme.zerossl.com/v2/DV90)"}
Oct 10 16:51:46 mpaproxy caddy[14010]: {"level":"info","ts":1665435106.8372974,"logger":"tls.renew","msg":"releasing lock","identifier":"www.helium.gratis"}
Oct 10 16:51:46 mpaproxy caddy[14010]: panic: runtime error: invalid memory address or nil pointer dereference
Oct 10 16:51:46 mpaproxy caddy[14010]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x8b9114]
Oct 10 16:51:46 mpaproxy caddy[14010]: goroutine 3693 [running]:
Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.(*Config).renewCert.func2({0x1e1c6d8, 0xc000178600})
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/config.go:821 +0xc14
Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.doWithRetry({0x1e1c6a0, 0xc0001d4ea0}, 0xc0003c7e60, 0xc0006c3720)
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/async.go:106 +0x1cb
Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.(*Config).renewCert(0xc00068ed10, {0x1e1c6a0, 0xc0001d4ea0}, {0xc000138a20, 0x11}, 0x0, 0x0)
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/config.go:860 +0x58b
Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.(*Config).RenewCertAsync(...)
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/config.go:690
Oct 10 16:51:46 mpaproxy caddy[14010]: github.com/caddyserver/certmagic.(*Config).renewDynamicCertificate.func3({0x1e1c6a0, 0xc0001d4ea0}, 0xc0008526f0?)
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/handshake.go:664 +0x2ac
Oct 10 16:51:46 mpaproxy caddy[14010]: created by github.com/caddyserver/certmagic.(*Config).renewDynamicCertificate
Oct 10 16:51:46 mpaproxy caddy[14010]:         github.com/caddyserver/certmagic@v0.17.1/handshake.go:699 +0x1293
Oct 10 16:51:46 mpaproxy systemd[1]: caddy.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Oct 10 16:51:46 mpaproxy systemd[1]: caddy.service: Failed with result 'exit-code'.

It looks like it is failing trying to get a certificate for “www.helium.gratis” which I have no idea why it is pointing to my server. I will fail it and hopefully that will resolve the issue.

3

I believe this has been fixed already, and should hopefully be released with 2.6.2 this week.

4

Awesome! Thanks!

5

This topic was automatically closed after 30 days. New replies are no longer allowed.