Cloudflare 525 SSL error

1. The problem I’m having:

We are using frankenphp in a kubernetes cluster. When we deploy a new instance the first requests which are handled are returning a cloudflare 525 SSL Error. It seems that the ssl certificate is not available at the moment.

We are saving the certificate on a persistent volume so that it can be shared between multiple instances of our application.

2. Error messages and/or full log output:

Cloudflare 525: ssl handshake failed

{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:48:26.051Z","error":"write tcp 192.168.50.135:8081->169.254.42.1:53892: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012106.0519235}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:49:10.844Z","error":"write tcp [::1]:8082->[::1]:57524: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012150.8446603}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:49:27.421Z","error":"write tcp 192.168.50.135:8081->169.254.42.1:45190: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012167.4211807}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:49:30.173Z","error":"write tcp 192.168.50.135:8081->169.254.42.1:37456: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012170.1733687}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:49:47.762Z","error":"write tcp [::1]:8082->[::1]:57496: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012187.7627783}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:51:43.539Z","error":"write tcp 192.168.50.184:8081->192.168.50.135:60890: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012303.5392208}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:53:29.907Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012409.9072697,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:53:29.907Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012409.9073384,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:53:29.907Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43292","ts":1744012409.9076412,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:53:29.907Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43292","ts":1744012409.9076843,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:54:31.217Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43254","ts":1744012471.2176418,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:54:31.217Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43254","ts":1744012471.217712,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:54:32.012Z","error":"write tcp 192.168.50.184:8081->169.254.42.1:51808: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012472.0122373}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:16.025Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012516.0258548,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:16.025Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012516.0259428,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:16.026Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43294","ts":1744012516.0262444,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:16.026Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43294","ts":1744012516.0262845,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:18.307Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012518.307831,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:18.307Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012518.3078933,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:18.308Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43260","ts":1744012518.3081512,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:18.308Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:43260","ts":1744012518.3082068,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:20.524Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:60898","ts":1744012520.5245316,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:20.524Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:60898","ts":1744012520.524589,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:20.524Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012520.524079,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:20.524Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:39600","ts":1744012520.5241723,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:55:30.629Z","error":"write tcp [::1]:8082->[::1]:35420: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012530.6297936}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:56:23.091Z","error":"write tcp [::1]:8082->[::1]:32844: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012583.0915985}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:59:35.249Z","error":"write tcp 192.168.50.184:8081->192.168.50.135:43282: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012775.2496867}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T07:59:41.414Z","error":"write tcp 192.168.50.135:8081->169.254.42.1:58790: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012781.414143}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:00:11.749Z","error":"write tcp 192.168.50.135:8081->169.254.42.1:58592: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012811.7494318}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:00:43.830Z","error":"write tcp 192.168.50.135:8081->192.168.50.184:58044: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744012843.830902}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:10:16.747Z","error":"write tcp [::1]:8082->[::1]:41198: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744013416.7472608}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:13:04.544Z","error":"write tcp [::1]:8082->[::1]:60820: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744013584.544177}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:14:13.976Z","error":"write tcp 192.168.50.184:8081->192.168.50.135:58650: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744013653.9761095}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:15:41.434Z","error":"write tcp [::1]:8082->[::1]:47726: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744013741.4346526}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:15:53.075Z","error":"write tcp [::1]:8082->[::1]:50738: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744013753.075518}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:19:44.611Z","error":"write tcp 192.168.50.135:8081->169.254.42.1:35606: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744013984.6116452}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:22:10.550Z","error":"write tcp 192.168.50.184:8081->192.168.50.135:33710: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014130.5501614}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:23:28.353Z","error":"write tcp 192.168.50.184:8081->192.168.50.135:33798: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014208.3531082}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:24:18.568Z","error":"write tcp [::1]:8082->[::1]:50858: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014258.568293}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:24:18.636Z","error":"write tcp [::1]:8082->[::1]:57206: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014258.6363273}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:24:19.358Z","error":"write tcp 192.168.50.184:8081->169.254.42.1:33816: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014259.3581643}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:24:22.554Z","error":"write tcp [::1]:8082->[::1]:39110: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014262.5540707}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:28:06.866Z","error":"write tcp 192.168.50.184:8081->169.254.42.1:47716: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014486.8666973}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:31:22.403Z","error":"write tcp 192.168.51.14:8081->169.254.42.1:33428: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014682.4033723}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:32:59.160Z","error":"write tcp [::1]:8082->[::1]:55002: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014779.1607482}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:35:04.594Z","error":"write tcp 192.168.50.135:8081->192.168.50.184:45358: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744014904.5942771}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:36:48.305Z","error":"write tcp [::1]:8082->[::1]:49678: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015008.3054924}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:36:50.963Z","error":"write tcp [::1]:8082->[::1]:42838: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015010.9630623}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:37:20.172Z","error":"write tcp 192.168.50.184:8081->192.168.50.135:33856: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015040.1723678}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:38:13.464Z","error":"write tcp [::1]:8082->[::1]:57494: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015093.4647036}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:38:53.758Z","error":"write tcp 192.168.50.184:8081->169.254.42.1:47678: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015133.7582612}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:39:24.045Z","error":"write tcp [::1]:8082->[::1]:48380: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015164.0451338}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:40:56.605Z","error":"write tcp [::1]:8082->[::1]:39844: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015256.6053967}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:41:50.959Z","error":"write tcp [::1]:8082->[::1]:59512: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015310.9595635}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:12.612Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015392.6126208,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:12.612Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015392.6127176,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:12.629Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:44470","ts":1744015392.629449,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:12.629Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:44470","ts":1744015392.6295457,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:46.444Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015426.444259,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:46.444Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015426.4443288,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:46.444Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:50774","ts":1744015426.4446924,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:43:46.444Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:50774","ts":1744015426.4447548,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:18.598Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015458.59857,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:18.598Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015458.5986466,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:18.598Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"169.254.42.1:44354","ts":1744015458.5989585,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:18.598Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"169.254.42.1:44354","ts":1744015458.5989852,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:20.652Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015460.6527836,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:20.652Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015460.6528568,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:20.654Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:50774","ts":1744015460.6547234,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:20.654Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"192.168.50.135:50774","ts":1744015460.6547878,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:22.472Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015462.4722958,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:22.472Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"10.114.0.24:26962","ts":1744015462.4723756,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:22.472Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"169.254.42.1:44402","ts":1744015462.4726791,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:22.472Z","error":"no information found to solve challenge for identifier: XXXXXX.com","host":"XXXXXX.com","level":"warn","logger":"tls.issuance.acme","msg":"looking up info for HTTP challenge","remote_addr":"169.254.42.1:44402","ts":1744015462.4727154,"user_agent":""}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:29.050Z","error":"write tcp [::1]:8082->[::1]:52448: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015469.0504706}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:44:37.449Z","error":"write tcp [::1]:8082->[::1]:45360: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015477.4494634}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:46:48.924Z","error":"write tcp [::1]:8082->[::1]:47596: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015608.9242992}
{"_app":"caddy_k8s_production","_source_id":"1076540","dt":"2025-04-07T08:46:58.616Z","error":"write tcp 192.168.51.14:8081->169.254.42.1:54086: write: broken pipe","level":"error","logger":"frankenphp","msg":"write error","ts":1744015618.616715}

3. Caddy version:

v2.9.1

4. How I installed and ran Caddy:

exec frankenphp run --config /etc/caddy/Caddyfile

a. System environment:

Kubernetes cluster, frankenphp on debian

c. Service/unit/compose file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: deployment
spec:
  selector:
    matchLabels:
      app: deployment
  replicas: 2
  minReadySeconds: 0
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 2
  template:
    metadata:
      labels:
        app: deployment
      annotations:
        cluster-autoscaler.kubernetes.io/safe-to-evict-local-volumes: "caddy-data,caddy-config"
    spec:
      terminationGracePeriodSeconds: 10
      containers:
        - name: frankenphp
          image: XXXXXX/XXXXXX:frankenphp-%VERSION%
          command:
            - /bin/sh
            - -c
          args:
            - /usr/local/bin/init && exec frankenphp run --config /etc/caddy/Caddyfile
          imagePullPolicy: Always
          ports:
            - containerPort: 443
            - containerPort: 80
          env:
              [...]
          volumeMounts:
            - name: caddyfile-volume
              mountPath: /etc/caddy/Caddyfile
              subPath: Caddyfile
            - name: caddy-data
              mountPath: /data
            - name: caddy-certs
              mountPath: /data/caddy
            - name: caddy-config
              mountPath: /config
            [...]
          startupProbe:
            exec:
              command:
                - cat
                - /tmp/ready
            initialDelaySeconds: 20
            periodSeconds: 2
          readinessProbe:
            httpGet:
              path: /api/ping
              port: 8081
              httpHeaders:
                - name: Host
                  value: localhost
            initialDelaySeconds: 5
            periodSeconds: 5
          livenessProbe:
            httpGet:
              path: /api/ping
              port: 8081
              httpHeaders:
                - name: Host
                  value: localhost
          resources:
            requests:
              memory: "3200Mi"
              cpu: "1000m"
            limits:
              memory: "3200Mi"
      volumes:
        - name: caddy-certs
          persistentVolumeClaim:
            claimName: pv-claim-caddy
        - name: caddy-data
          emptyDir: { }
        - name: caddy-config
          emptyDir: { }
        - name: caddyfile-volume
          configMap:
            name: caddyfile

d. My complete Caddy config:

{
            log {
                   level warn
                   output file /var/log/caddy/caddy.log
            }

            # Enable FrankenPHP
            frankenphp {
                   worker /var/www/public/index.php 8
                   worker /var/www/public/index-internal.php 8
            }

            # Configure when the directive must be executed
            order mercure after encode
            order vulcain after reverse_proxy
            order php_server before file_server
            order php before file_server

            # cloudflare proxy
            servers {
                   trusted_proxies combine {
                          static private_ranges
                          cloudflare {
                                 interval 12h
                                 timeout 15s
                          }
                   }
                   client_ip_headers CF-Connecting-IP X-Forwarded-For X-Real-IP
            }
    }

    :8082 {
           root * /var/www/public

           route {
                  # Add trailing slash for directory requests
                  @canonicalPath {
                         file {path}/index-internal.php
                         not path */
                  }

                  redir @canonicalPath {path}/ 308

                  # If the requested file does not exist, try index files
                  @indexFiles file {
                         try_files {path} {path}/index-internal.php index-internal.php
                         split_path .php
                  }

                  rewrite @indexFiles {http.matchers.file.relative}

                  # FrankenPHP!
                  @phpFiles path *.php
                  php @phpFiles
                  file_server
           }
    }

    :8081 {
           root * /var/www/public

           php_server
    }

    *.XXXXXX.com, XXXXXX.com {
           root * /var/www/public

           @notWww not host www.XXXXXX.com
           redir @notWww https://www.XXXXXX.com{uri}

           tls XXXXXX@XXXXXX.de {
                   dns cloudflare {$CLOUDFLARE_API_TOKEN}
           }

           @buildFile path /build/*
           @noBuildFile not path /build/*

           handle @buildFile {
                   header {
                           Cache-Control "public, max-age=31536000, immutable"
                           -Via
                           -Server
                           -Vary
                           -X-Debug-Token
                           -X-Locale
                           -X-Varnish
                           -X-Powered-By
                   }
                   file_server
           }

           @maintenance {
                   file "maintenance/active.txt"
                   not path /favicon.ico
                   not path /build/roboto*
           }

           handle @maintenance {
                   try_files maintenance/maintenance.html

                   file_server {
                           status 503
                   }
           }

           header @noBuildFile {
                   Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
                   X-Frame-Options "DENY"
                   X-Content-Type-Options "nosniff"
                   X-XSS-Protection "1; mode=block"
                   -Via
                   -Server
                   -Vary
                   -X-Debug-Token
                   -X-Locale
                   -X-Varnish
                   -X-Powered-By
           }

           @useVarnish {
                   header !X-Caddy-Forwarded
                   not file
                   not path /api/chat/subscribe/*
                   not path /api/ping
           }

           reverse_proxy @useVarnish {
                   to http://varnish-service:8080 http://internal-load-balancer:8081

                   # use first upstream, if healthy
                   lb_policy first

                   # configure health check
                   health_uri /api/ping
                   health_port 8081
                   health_headers {
                           Host localhost
                   }
                   health_fails 2
                   health_timeout 11s
                   health_interval 5s
                   health_status 200
           }

           # enable http3 push
           push
           php_server
           encode gzip
           file_server
    }

5. Links to relevant resources:

Cloudflare 525