So, I tried to install the required module (which is Route53). I can see it when I execute caddy list-modules. And now, it returns the error below:
2024/02/09 09:01:41.676 INFO using provided configuration {"config_file": "/etc/caddy/Caddyfile", "config_adapter": ""}
2024/02/09 09:01:41.680 WARN Caddyfile input is not formatted; run 'caddy fmt --overwrite' to fix inconsistencies {"adapter": "caddyfile", "file": "/etc/caddy/Caddyfile", "line": 146}
2024/02/09 09:01:41.681 INFO admin admin endpoint started {"address": "0.0.0.0:2020", "enforce_origin": false, "origins": ["//0.0.0.0:2020"]}
2024/02/09 09:01:41.681 WARN admin admin endpoint on open interface; host checking disabled {"address": "0.0.0.0:2020"}
2024/02/09 09:01:41.683 INFO caddy.storage.redis Provision Redis simple storage using address [ZZZ.ZZZ.ZZZ.ZZZ:6379]
2024/02/09 09:01:41.683 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0003b8b00"}
2024/02/09 09:01:41.683 INFO http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2024/02/09 09:01:41.683 INFO http.auto_https enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2024/02/09 09:01:41.684 INFO http enabling HTTP/3 listener {"addr": ":443"}
2024/02/09 09:01:41.685 INFO http.log server running {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/02/09 09:01:41.685 INFO http.log server running {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/02/09 09:01:41.685 INFO http enabling automatic TLS certificate management {"domains": ["*.domain.id"]}
2024/02/09 09:01:41.685 WARN tls storage cleaning happened too recently; skipping for now {"storage": "{\"client_type\":\"simple\",\"address\":[\"ZZZ.ZZZ.ZZZ.ZZZ:6379\"],\"host\":[],\"port\":[],\"db\":0,\"timeout\":\"5\",\"username\":\"\",\"password\":\"REDACTED\",\"master_name\":\"\",\"key_prefix\":\"caddy\",\"encryption_key\":\"\",\"compression\":false,\"tls_enabled\":false,\"tls_insecure\":true,\"tls_server_certs_pem\":\"\",\"tls_server_certs_path\":\"\",\"route_by_latency\":false,\"route_randomly\":false}", "instance": "df8a8ade-1145-402b-b190-dddb6f4d03b2", "try_again": "2024/02/10 09:01:41.685", "try_again_in": 86399.99999953}
2024/02/09 09:01:41.686 INFO tls finished cleaning storage units
2024/02/09 09:01:41.688 INFO autosaved config (load with --resume flag) {"file": "/root/.config/caddy/autosave.json"}
2024/02/09 09:01:41.688 INFO serving initial configuration
2024/02/09 09:01:41.691 INFO tls.obtain acquiring lock {"identifier": "*.domain.id"}
2024/02/09 09:01:44.696 INFO tls.obtain lock acquired {"identifier": "*.domain.id"}
2024/02/09 09:01:44.696 INFO tls.obtain obtaining certificate {"identifier": "*.domain.id"}
2024/02/09 09:01:44.699 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["*.domain.id"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/02/09 09:01:44.699 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["*.domain.id"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/02/09 09:01:46.132 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "*.domain.id", "challenge_type": "dns-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2024/02/09 09:01:48.227 ERROR tls.issuance.acme.acme_client cleaning up solver {"identifier": "*.domain.id", "challenge_type": "dns-01", "error": "no memory of presenting a DNS record for \"_acme-challenge.domain.id\" (usually OK if presenting also failed)"}
2024/02/09 09:01:48.483 ERROR tls.obtain could not get certificate from issuer {"identifier": "*.domain.id", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[*.domain.id] solving challenges: presenting for challenge: adding temporary record for zone \"domain.id.\": operation error Route 53: ChangeResourceRecordSets, https response error StatusCode: 400, RequestID: dff13b3a-d8a0-4b64-ab1b-24c380744aff, InvalidChangeBatch: [RRSet with DNS name _acme-challenge.domain.id., type TXT cannot be created as other RRSets exist with the same name and type.] (order=https://acme-v02.api.letsencrypt.org/acme/order/1561474067/243071084437) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
2024/02/09 09:01:48.486 INFO tls.issuance.zerossl waiting on internal rate limiter {"identifiers": ["*.domain.id"], "ca": "https://acme.zerossl.com/v2/DV90", "account": "caddy@zerossl.com"}
2024/02/09 09:01:48.486 INFO tls.issuance.zerossl done waiting on internal rate limiter {"identifiers": ["*.domain.id"], "ca": "https://acme.zerossl.com/v2/DV90", "account": "caddy@zerossl.com"}
We do have _acme-challenge in Route53, we use it for email purposes. The type is Multivalue answer. Is there any way for caddy to be able to append the new value to the record?
P.S. For the record, I already created the required user and its policy as well.