1. The problem I’m having:
I have a custom domain, doronkatz.cloud, Tailscale installed (on my Mac via Homebrew), and Caddy (installed via Homebrew), all on the latest public release.
I want to be able to have Tailscale VPN enabled, and go to my domain via my browser and have it go to a web-app I have exposed on port :3000 on my Mac mini via Tailscale. Unfortunately I am not getting anywhere. On my browser it doesn’t return a valid page.
I believe my domain registrar settings may also be an issue. My settings are:
2. Error messages and/or full log output:
I run the following command:
❯ sudo caddy run --config Caddyfile
I get the following (in debug mode. I use a Mac so I don’t have journalctl):
2025/01/01 01:38:49.019 INFO using config from file {"file": "Caddyfile"}
2025/01/01 01:38:49.020 INFO adapted config to JSON {"adapter": "caddyfile"}
2025/01/01 01:38:49.023 INFO admin admin endpoint started {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2025/01/01 01:38:49.023 INFO http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2025/01/01 01:38:49.023 INFO http.auto_https enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2025/01/01 01:38:49.023 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0x14000294980"}
2025/01/01 01:38:49.023 DEBUG http.auto_https adjusted config {"tls": {"automation":{"policies":[{}]}}, "http": {"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}]},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"localhost:3000"}]}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{}}}}}
2025/01/01 01:38:49.024 INFO http enabling HTTP/3 listener {"addr": ":443"}
2025/01/01 01:38:49.024 DEBUG http starting server loop {"address": "[::]:443", "tls": true, "http3": true}
2025/01/01 01:38:49.024 INFO http.log server running {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2025/01/01 01:38:49.024 DEBUG http starting server loop {"address": "[::]:80", "tls": false, "http3": false}
2025/01/01 01:38:49.024 INFO http.log server running {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2025/01/01 01:38:49.024 INFO http enabling automatic TLS certificate management {"domains": ["doronkatz.cloud"]}
2025/01/01 01:38:49.025 INFO autosaved config (load with --resume flag) {"file": "/Users/doronkatz/Library/Application Support/Caddy/autosave.json"}
2025/01/01 01:38:49.025 INFO serving initial configuration
2025/01/01 01:38:49.025 INFO tls.obtain acquiring lock {"identifier": "doronkatz.cloud"}
2025/01/01 01:38:49.029 INFO tls storage cleaning happened too recently; skipping for now {"storage": "FileStorage:/Users/doronkatz/Library/Application Support/Caddy", "instance": "ecf8d249-7c91-4e90-8d07-468f58c512e5", "try_again": "2025/01/02 01:38:49.029", "try_again_in": 86399.9999995}
2025/01/01 01:38:49.031 INFO tls finished cleaning storage units
2025/01/01 01:38:49.035 INFO tls.obtain lock acquired {"identifier": "doronkatz.cloud"}
2025/01/01 01:38:49.035 INFO tls.obtain obtaining certificate {"identifier": "doronkatz.cloud"}
2025/01/01 01:38:49.035 DEBUG events event {"name": "cert_obtaining", "id": "269f9dc1-20a2-4455-88fe-c5b57b8d716d", "origin": "tls", "data": {"identifier":"doronkatz.cloud"}}
2025/01/01 01:38:49.035 DEBUG tls.obtain trying issuer 1/1 {"issuer": "acme-v02.api.letsencrypt.org-directory"}
2025/01/01 01:38:49.035 INFO http waiting on internal rate limiter {"identifiers": ["doronkatz.cloud"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2025/01/01 01:38:49.035 INFO http done waiting on internal rate limiter {"identifiers": ["doronkatz.cloud"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2025/01/01 01:38:49.035 INFO http using ACME account {"account_id": "https://acme-v02.api.letsencrypt.org/acme/acct/2138939525", "account_contact": []}
2025/01/01 01:38:49.261 DEBUG http.acme_client http request {"method": "GET", "url": "https://acme-v02.api.letsencrypt.org/directory", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["746"],"Content-Type":["application/json"],"Date":["Wed, 01 Jan 2025 01:38:49 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2025/01/01 01:38:49.262 DEBUG http.acme_client creating order {"account": "https://acme-v02.api.letsencrypt.org/acme/acct/2138939525", "identifiers": ["doronkatz.cloud"]}
2025/01/01 01:38:49.334 DEBUG http.acme_client http request {"method": "HEAD", "url": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Wed, 01 Jan 2025 01:38:49 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["WVWTDxmJ7-o6jtgQvLCE2dfh6tR6ISc1ZJHFuERiuCWBbt9R_o8"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2025/01/01 01:38:49.582 DEBUG http.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Boulder-Requester":["2138939525"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["349"],"Content-Type":["application/json"],"Date":["Wed, 01 Jan 2025 01:38:49 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/2138939525/339421400585"],"Replay-Nonce":["WVWTDxmJSGwMZ7TQJH3MPWXMJEYJw2c6y-6KSbhgfG4KS1skMpE"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 201}
2025/01/01 01:38:49.667 DEBUG http.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz/2138939525/453643504645", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Boulder-Requester":["2138939525"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["823"],"Content-Type":["application/json"],"Date":["Wed, 01 Jan 2025 01:38:49 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["WVWTDxmJHuJTW67hFr2lAhyc4ImOW5wdkkpLbQ60Go0aF2a-zCY"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2025/01/01 01:38:49.668 DEBUG http.acme_client no solver configured {"challenge_type": "dns-01"}
2025/01/01 01:38:49.668 INFO http.acme_client trying to solve challenge {"identifier": "doronkatz.cloud", "challenge_type": "http-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2025/01/01 01:38:49.669 DEBUG http.acme_client waiting for solver before continuing {"identifier": "doronkatz.cloud", "challenge_type": "http-01"}
2025/01/01 01:38:49.669 DEBUG http.acme_client done waiting for solver {"identifier": "doronkatz.cloud", "challenge_type": "http-01"}
2025/01/01 01:38:49.779 DEBUG http.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/chall/2138939525/453643504645/uzYkUQ", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Boulder-Requester":["2138939525"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["195"],"Content-Type":["application/json"],"Date":["Wed, 01 Jan 2025 01:38:49 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\"","<https://acme-v02.api.letsencrypt.org/acme/authz/2138939525/453643504645>;rel=\"up\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/chall/2138939525/453643504645/uzYkUQ"],"Replay-Nonce":["WVWTDxmJsq-3cqLbfxuiZMYiryXObMmg-rhRwFJE8x-xyg_qw4s"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
letsencrypt.org/acme/authz/2138939525/453643504645", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Boulder-Requester":["2138939525"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["634"],"Content-Type":["application/json"],"Date":["Wed, 01 Jan 2025 01:38:50 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["GJdccAF6i7Fdm0bfo4z1_3Y4qyTusIMaJQZ16MV-HhFxNo71kaE"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2025/01/01 01:38:50.115 ERROR http.acme_client challenge failed {"identifier": "doronkatz.cloud", "challenge_type": "http-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for doronkatz.cloud; no valid AAAA records found for doronkatz.cloud", "instance": "", "subproblems": []}}
2025/01/01 01:38:50.115 ERROR http.acme_client validating authorization {"identifier": "doronkatz.cloud", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for doronkatz.cloud; no valid AAAA records found for doronkatz.cloud", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/2138939525/339421400585", "attempt": 1, "max_attempts": 3}
2025/01/01 01:38:51.116 DEBUG http.acme_client creating order {"account": "https://acme-v02.api.letsencrypt.org/acme/acct/2138939525", "identifiers": ["doronkatz.cloud"]}
2025/01/01 01:38:51.428 DEBUG http.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Boulder-Requester":["2138939525"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["349"],"Content-Type":["application/json"],"Date":["Wed, 01 Jan 2025 01:38:51 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/2138939525/339421407485"],"Replay-Nonce":["WVWTDxmJwHsvlXg3rfj_Xg-TGrHvi0SiE8MsmJjOBlCInse6tiE"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 201}
2025/01/01 01:38:51.521 DEBUG http.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz/2138939525/453643514245", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (darwin; arm64)"]}, "response_headers": {"Boulder-Requester":["2138939525"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["823"],"Content-Type":["application/json"],"Date":["Wed, 01 Jan 2025 01:38:51 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["GJdccAF6GlNLBgJ0VkCwEBHCdkMOJeKjb7r3woe0oDrw-CSQ0nU"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
…
2025/01/01 01:38:51.961 ERROR http.acme_client challenge failed {"identifier": "doronkatz.cloud", "challenge_type": "tls-alpn-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for doronkatz.cloud; no valid AAAA records found for doronkatz.cloud", "instance": "", "subproblems": []}}
2025/01/01 01:38:51.961 ERROR http.acme_client validating authorization {"identifier": "doronkatz.cloud", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for doronkatz.cloud; no valid AAAA records found for doronkatz.cloud", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/2138939525/339421407485", "attempt": 2, "max_attempts": 3}
2025/01/01 01:38:51.961 ERROR tls.obtain could not get certificate from issuer {"identifier": "doronkatz.cloud", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "HTTP 400 urn:ietf:params:acme:error:dns - no valid A records found for doronkatz.cloud; no valid AAAA records found for doronkatz.cloud"}
2025/01/01 01:38:51.961 DEBUG events event {"name": "cert_failed", "id": "217d6299-f7e6-4bc1-b2f9-0f9de199a192", "origin": "tls", "data": {"error":{},"identifier":"doronkatz.cloud","issuers":["acme-v02.api.letsencrypt.org-directory"],"renewal":false}}
2025/01/01 01:38:51.961 ERROR tls.obtain will retry {"error": "[doronkatz.cloud] Obtain: [doronkatz.cloud] solving challenge: doronkatz.cloud: [doronkatz.cloud] authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - no valid A records found for doronkatz.cloud; no valid AAAA records found for doronkatz.cloud (ca=https://acme-v02.api.letsencrypt.org/directory)", "attempt": 1, "retrying_in": 60, "elapsed": 2.926925792, "max_duration": 2592000}
^C2025/01/01 01:39:36.318 INFO shutting down {"signal": "SIGINT"}
2025/01/01 01:39:36.318 WARN exiting; byeee!! 👋 {"signal": "SIGINT"}
2025/01/01 01:39:36.318 INFO http servers shutting down with eternal grace period
2025/01/01 01:39:36.319 INFO tls.obtain releasing lock {"identifier": "doronkatz.cloud"}
2025/01/01 01:39:36.319 ERROR tls.obtain unable to unlock {"identifier": "doronkatz.cloud", "lock_key": "issue_cert_doronkatz.cloud", "error": "remove /Users/doronkatz/Library/Application Support/Caddy/locks/issue_cert_doronkatz.cloud.lock: no such file or directory"}
2025/01/01 01:39:36.319 INFO admin stopped previous server {"address": "localhost:2019"}
2025/01/01 01:39:36.319 INFO shutdown complete {"signal": "SIGINT", "exit_code": 0}
3. Caddy version:
v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=
4. How I installed and ran Caddy:
brew install caddy
a. System environment:
❯ sw_vers
ProductName: macOS
ProductVersion: 15.3
BuildVersion: 24D5034f
b. Command:
❯ sudo caddy run --config Caddyfile
d. My complete Caddy config:
❯ cat Caddyfile
{
    debug
}
doronkatz.cloud {
    reverse_proxy localhost:3000
}
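Added example, not part of the original post and not Caddy's own code: a short Python triage script for a log like the one above. It pulls out each `challenge failed` event and groups the challenge types by ACME problem type, which here shows `http-01` and `tls-alpn-01` failing for the same `dns` reason. The sample lines are abbreviated from the post's log, and the function names are hypothetical.

```python
import json
import re
from collections import defaultdict

# Caddy console log line: timestamp, level, free text, optional JSON fields.
LINE_RE = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+\s+([A-Z]+)\s+(.*)$")

# ACME problem types (RFC 8555, section 6.7) and what each one points to.
MEANING = {
    "urn:ietf:params:acme:error:dns": "CA's DNS query for the name failed",
    "urn:ietf:params:acme:error:connection": "CA could not connect to the host",
    "urn:ietf:params:acme:error:unauthorized": "challenge response was rejected",
}

# Sample input: lines abbreviated from the log in the post, plus one fragment.
SAMPLE = [
    '2025/01/01 01:38:49.668 INFO http.acme_client trying to solve challenge '
    '{"identifier": "doronkatz.cloud", "challenge_type": "http-01"}',
    '2025/01/01 01:38:50.115 ERROR http.acme_client challenge failed '
    '{"identifier": "doronkatz.cloud", "challenge_type": "http-01", "problem": '
    '{"type": "urn:ietf:params:acme:error:dns", "detail": "no valid A records"}}',
    'letsencrypt.org/acme/authz/2138939525/453643504645", "status_code": 200}',
    '2025/01/01 01:38:51.961 ERROR http.acme_client challenge failed '
    '{"identifier": "doronkatz.cloud", "challenge_type": "tls-alpn-01", "problem": '
    '{"type": "urn:ietf:params:acme:error:dns", "detail": "no valid A records"}}',
]

def acme_failures(lines):
    """Return (identifier, challenge_type, problem_type) per 'challenge failed' line."""
    found = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m.group(1) != "ERROR" or "challenge failed" not in m.group(2):
            continue  # other events, and fragments cut off mid-line
        try:
            fields = json.loads(m.group(2)[m.group(2).index("{"):])
        except ValueError:  # no JSON part, or JSON truncated
            continue
        problem = fields.get("problem", {})
        found.append((fields.get("identifier"), fields.get("challenge_type"), problem.get("type")))
    return found

def summarize(failures):
    """Group challenge types by (identifier, problem type) and attach the meaning."""
    groups = defaultdict(list)
    for ident, challenge, ptype in failures:
        groups[(ident, ptype)].append(challenge)
    return {k: (v, MEANING.get(k[1], "see RFC 8555")) for k, v in groups.items()}

if __name__ == "__main__":
    for (ident, ptype), (challenges, meaning) in summarize(acme_failures(SAMPLE)).items():
        print(f"{ident}: {', '.join(challenges)} failed -> {meaning} ({ptype})")
```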