1. The problem I’m having:
On Friday i had high CPU overload due to my own failture on my webserver.
Now i try to restore it. But Caddy cannot reniew the certificates via letsencrypt.
2. Error messages and/or full log output:
xcaddy | {"level":"error","ts":1725197497.6123316,"logger":"http.acme_client","msg":"challenge failed","identifier":"naseweis.io","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"217.160.224.25: Error getting validation data","instance":"","subproblems":[]}}
xcaddy | {"level":"error","ts":1725197497.612376,"logger":"http.acme_client","msg":"validating authorization","identifier":"naseweis.io","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"217.160.224.25: Error getting validation data","instance":"","subproblems":[]},"order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/161610513/18796206673","attempt":2,"max_attempts":3}
3. Caddy version: 2.8.4
4. How I installed and ran Caddy:
with docker-compose
a. System environment:
Alma Linux 9.4 docker
b. Command:
docker-compose up
c. Service/unit/compose file:
version: "3.8"
services:
caddy:
image: xcaddy:latest
container_name: xcaddy
restart: unless-stopped
volumes:
- /opt/caddy/Caddyfile:/etc/caddy/Caddyfile
- /opt/caddy/certs:/certs
- /opt/caddy/config:/config
- /opt/caddy/data:/data
- /opt/caddy/sites:/srv
d. My complete Caddy config:
https://nextcloud.naseweis.io:443 {
header Strict-Transport-Security max-age=31536000;
reverse_proxy localhost:11000
log {
output file /data/access.log {
roll_size 1gb
roll_keep 5
roll_keep_for 720h
}
format transform "{common_log}"
}
}
https://naseweis.io:443 {
header Strict-Transport-Security max-age=31536000;
reverse_proxy localhost:8000
log {
output file /data/access.log {
roll_size 1gb
roll_keep 5
roll_keep_for 720h
}
format transform "{common_log}"
}
}
https://www.naseweis.io:443 {
header Strict-Transport-Security max-age=31536000;
reverse_proxy localhost:8000
log {
output file /data/access.log {
roll_size 1gb
roll_keep 5
roll_keep_for 720h
}
format transform "{common_log}"
}
}
https://checkmk.naseweis.io:443 {
header Strict-Transport-Security max-age=31536000;
reverse_proxy localhost:8888
log {
output file /data/access.log {
roll_size 1gb
roll_keep 5
roll_keep_for 720h
}
format transform "{common_log}"
}
}
So all services are down now and i don’t know how to refix it. Any idears would be nice!