1. Caddy version (caddy version
):
caddy:2-alpine / v2.4.0
2. How I run Caddy:
docker-compose (see file below)
a. System environment:
- Docker version 19.03.13, build 4484c46d9d
- docker-compose version 1.25.0, build unknown
- Ubuntu 20.04.1 LTS
b. Command:
docker-compose up -d
c. Service/unit/compose file:
caddy/docker-compose.yaml:
version: '3.7'
services:
caddy:
# image: lucaslorentz/caddy-docker-proxy:ci-alpine
build: ./custom-caddy-build
restart: unless-stopped
environment:
- TZ=America/Los_Angeles
env_file:
- ./easydns.dumbunz.env
ports:
- '80:80'
- '443:443'
networks:
- docker_web
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels: # Global options
caddy.email: XXXXX@gmail.com
# remove the following line when you have verified your setup
# Otherwise you risk being rate limited by let's encrypt
caddy.acme_ca: https://acme-staging-v02.api.letsencrypt.org/directory
# snippet definitions
caddy_0: '(www-redirect)'
caddy_0.redir: 'https://www.{hostport}{uri}'
caddy_1: '(dns-challenge)'
caddy_1.tls.dns: 'lego_deprecated easydns'
caddy_2: '(internal-only)'
caddy_2.@public_networks: 'not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8'
caddy_2.respond: '@public_networks 403'
caddy_2.respond.close:
whoami-public:
image: jwilder/whoami
networks:
- docker_web
labels:
caddy: 'public.dumbunz.com'
caddy.reverse_proxy: '{{upstreams 8000}}'
whoami-private:
image: jwilder/whoami
networks:
- docker_web
labels:
caddy: 'private.dumbunz.com'
caddy.reverse_proxy: '{{upstreams 8000}}'
caddy.import_0: 'dns-challenge'
caddy.import_1: 'internal-only'
networks:
docker_web:
external: true
dumbunz.com/docker-compose.yaml:
version: '3.7'
services:
app:
build:
context: app/
image: altano/norbauer.net
networks:
- docker_web
restart: unless-stopped
labels:
caddy: 'www.dumbunz.com'
caddy.reverse_proxy: '{{upstreams 8000}}'
caddy.import_0: 'dns-challenge'
caddy.import_1: 'internal-only'
caddy.import_3: 'www-redirect'
networks:
docker_web:
external: true
d. My complete Caddyfile or JSON config:
auto-generated caddyfile:
{
acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
email XXXXX@gmail.com
}
(dns-challenge) {
tls {
dns lego_deprecated easydns
}
}
(internal-only) {
@public_networks not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
respond @public_networks 403 {
close
}
}
(www-redirect) {
redir https://www.{hostport}{uri}
}
www.dumbunz.com {
import dns-challenge
import internal-only
import www-redirect
reverse_proxy 172.25.0.9:8000
}
3. The problem I’m having:
The DNS challenge fails, with errors in the Caddy logs (see below).
4. Error messages and/or full log output:
Error:
solving challenges: presenting for challenge: easydns: error adding zone record
{"level":"error","ts":1621752649.3619487,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60410565) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":31.435580592,"max_duration":2592000}
Full log:
2021-05-23T06:50:17.876896948Z 2021/05/23 06:50:17 [INFO] Running caddy proxy server
2021-05-23T06:50:17.878115436Z {"level":"info","ts":1621752617.8778565,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
2021-05-23T06:50:17.878218197Z {"level":"info","ts":1621752617.8781028,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
2021-05-23T06:50:17.878322200Z 2021/05/23 06:50:17 [INFO] Running caddy proxy controller
2021-05-23T06:50:17.879285114Z 2021/05/23 06:50:17 [INFO] CaddyfilePath:
2021-05-23T06:50:17.879318024Z 2021/05/23 06:50:17 [INFO] LabelPrefix: caddy
2021-05-23T06:50:17.879323905Z 2021/05/23 06:50:17 [INFO] PollingInterval: 30s
2021-05-23T06:50:17.879329015Z 2021/05/23 06:50:17 [INFO] ProcessCaddyfile: true
2021-05-23T06:50:17.879333435Z 2021/05/23 06:50:17 [INFO] ProxyServiceTasks: true
2021-05-23T06:50:17.879338625Z 2021/05/23 06:50:17 [INFO] IngressNetworks: []
2021-05-23T06:50:17.879681720Z 2021/05/23 06:50:17 [INFO] Caddy ContainerID: 3c1cab3ba65a124a71191da6409de7bbfc22d7de15f8e8581a4e8331786f11c7
2021-05-23T06:50:17.883707441Z 2021/05/23 06:50:17 [INFO] IngressNetworksMap: map[6c9fa46659c613cc30afdae4cdc381ff758072d3f93b0726f9b8050c1829c001:true]
2021-05-23T06:50:17.896230630Z 2021/05/23 06:50:17 [INFO] Swarm is available: false
2021-05-23T06:50:17.908264442Z 2021/05/23 06:50:17 [INFO] Skipping default Caddyfile because no path is set
2021-05-23T06:50:17.908289172Z [INFO] Skipping configs because swarm is not available
2021-05-23T06:50:17.908294863Z [INFO] Skipping services because swarm is not available
2021-05-23T06:50:17.908301343Z 2021/05/23 06:50:17 [INFO] New Caddyfile:
2021-05-23T06:50:17.908305803Z {
2021-05-23T06:50:17.908310243Z acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
2021-05-23T06:50:17.908315023Z email XXXXXXXX@gmail.com
2021-05-23T06:50:17.908319393Z }
2021-05-23T06:50:17.908323253Z (dns-challenge) {
2021-05-23T06:50:17.908327123Z tls {
2021-05-23T06:50:17.908332053Z dns lego_deprecated easydns
2021-05-23T06:50:17.908335884Z }
2021-05-23T06:50:17.908356594Z }
2021-05-23T06:50:17.908361854Z (internal-only) {
2021-05-23T06:50:17.908365544Z @public_networks not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
2021-05-23T06:50:17.908369374Z respond @public_networks 403 {
2021-05-23T06:50:17.908373094Z close
2021-05-23T06:50:17.908377324Z }
2021-05-23T06:50:17.908381244Z }
2021-05-23T06:50:17.908385634Z (www-redirect) {
2021-05-23T06:50:17.908389284Z redir https://www.{hostport}{uri}
2021-05-23T06:50:17.908392704Z }
2021-05-23T06:50:17.908465885Z private.dumbunz.com {
2021-05-23T06:50:17.908475586Z import dns-challenge
2021-05-23T06:50:17.908479526Z import internal-only
2021-05-23T06:50:17.908482796Z reverse_proxy 172.25.0.7:8000
2021-05-23T06:50:17.908488076Z }
2021-05-23T06:50:17.908491856Z public.dumbunz.com {
2021-05-23T06:50:17.908495716Z reverse_proxy 172.25.0.6:8000
2021-05-23T06:50:17.908499336Z }
2021-05-23T06:50:17.908504236Z www.dumbunz.com {
2021-05-23T06:50:17.908508036Z import dns-challenge
2021-05-23T06:50:17.908511656Z import internal-only
2021-05-23T06:50:17.908515176Z import www-redirect
2021-05-23T06:50:17.908520846Z reverse_proxy 172.25.0.9:8000
2021-05-23T06:50:17.908524256Z }
2021-05-23T06:50:17.909005213Z 2021/05/23 06:50:17 [INFO] New Config JSON:
2021-05-23T06:50:17.909040024Z {"apps":{"http":{"servers":{"srv0":{"listen":[":443"],"routes":[{"match":[{"host":["private.dumbunz.com"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"close":true,"handler":"static_response","status_code":403}],"match":[{"not":[{"remote_ip":{"ranges":["192.168.0.0/16","172.16.0.0/12","10.0.0.0/8"]}}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"172.25.0.7:8000"}]}]}]}],"terminal":true},{"match":[{"host":["public.dumbunz.com"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"172.25.0.6:8000"}]}]}]}],"terminal":true},{"match":[{"host":["www.dumbunz.com"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://www.{http.request.hostport}{http.request.uri}"]},"status_code":302}]},{"handle":[{"close":true,"handler":"static_response","status_code":403}],"match":[{"not":[{"remote_ip":{"ranges":["192.168.0.0/16","172.16.0.0/12","10.0.0.0/8"]}}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"172.25.0.9:8000"}]}]}]}],"terminal":true}]}}},"tls":{"automation":{"policies":[{"subjects":["private.dumbunz.com","www.dumbunz.com"],"issuer":{"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","challenges":{"dns":{"provider":{"name":"lego_deprecated","provider_name":"easydns"}}},"email":"XXXXX@gmail.com","module":"acme"}},{"issuer":{"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","email":"XXXXX@gmail.com","module":"acme"}}]}}}}
2021-05-23T06:50:17.909060874Z 2021/05/23 06:50:17 [INFO] Sending configuration to localhost
2021-05-23T06:50:17.909960329Z {"level":"info","ts":1621752617.909783,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_addr":"127.0.0.1:39206","headers":{"Accept-Encoding":["gzip"],"Content-Length":["1556"],"Content-Type":["application/json"],"User-Agent":["Go-http-client/1.1"]}}
2021-05-23T06:50:17.910856042Z {"level":"info","ts":1621752617.9106762,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
2021-05-23T06:50:17.911126916Z {"level":"info","ts":1621752617.9109845,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0001d4540"}
2021-05-23T06:50:17.911296098Z {"level":"info","ts":1621752617.911152,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
2021-05-23T06:50:17.911306258Z {"level":"info","ts":1621752617.9111862,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
2021-05-23T06:50:17.913194917Z {"level":"info","ts":1621752617.9130437,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["private.dumbunz.com","public.dumbunz.com","www.dumbunz.com"]}
2021-05-23T06:50:17.924792792Z {"level":"info","ts":1621752617.924558,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
2021-05-23T06:50:17.924823222Z {"level":"info","ts":1621752617.924595,"logger":"admin.api","msg":"load complete"}
2021-05-23T06:50:17.926637980Z 2021/05/23 06:50:17 [INFO] Successfully configured localhost
2021-05-23T06:50:17.926663710Z {"level":"info","ts":1621752617.924618,"logger":"tls.obtain","msg":"acquiring lock","identifier":"www.dumbunz.com"}
2021-05-23T06:50:17.926670201Z 2021/05/23 06:50:17 [INFO][FileStorage:/data/caddy] Lock for 'cert_acme_www.dumbunz.com_acme-staging-v02.api.letsencrypt.org-directory' is stale (created: 2021-05-23 04:38:31.152835747 +0000 UTC, last update: 2021-05-23 04:38:31.152835747 +0000 UTC); removing then retrying: /data/caddy/locks/cert_acme_www.dumbunz.com_acme-staging-v02.api.letsencrypt.org-directory.lock
2021-05-23T06:50:17.926675931Z {"level":"info","ts":1621752617.926347,"logger":"tls.obtain","msg":"lock acquired","identifier":"www.dumbunz.com"}
2021-05-23T06:50:17.927574055Z {"level":"info","ts":1621752617.9273088,"logger":"tls","msg":"cleaned up storage units"}
2021-05-23T06:50:17.928020502Z {"level":"info","ts":1621752617.9278953,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["www.dumbunz.com"]}
2021-05-23T06:50:17.928043891Z {"level":"info","ts":1621752617.927928,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["www.dumbunz.com"]}
2021-05-23T06:50:18.411317489Z {"level":"info","ts":1621752618.411088,"logger":"admin","msg":"stopped previous server"}
23T06:50:18.809697854Z {"level":"info","ts":1621752618.8095715,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T06:50:49.362132011Z {"level":"error","ts":1621752649.3619487,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60410565) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":31.435580592,"max_duration":2592000}
23T06:51:50.848295045Z {"level":"info","ts":1621752710.8479986,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T06:52:21.564159246Z {"level":"error","ts":1621752741.563855,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60411341) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":2,"retrying_in":120,"elapsed":123.637487675,"max_duration":2592000}
23T06:54:22.488561894Z {"level":"info","ts":1621752862.4883375,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T06:54:52.885884545Z {"level":"error","ts":1621752892.885608,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60412779) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":3,"retrying_in":120,"elapsed":274.959238975,"max_duration":2592000}
23T06:56:53.281583615Z {"level":"info","ts":1621753013.2813559,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T06:57:23.650762345Z {"level":"error","ts":1621753043.6505716,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60414086) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":4,"retrying_in":300,"elapsed":425.724204667,"max_duration":2592000}
23T07:02:23.938073198Z {"level":"info","ts":1621753343.9378846,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T07:02:55.006535649Z {"level":"error","ts":1621753375.0062602,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60417105) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":5,"retrying_in":600,"elapsed":757.079859178,"max_duration":2592000}
23T07:12:55.472258201Z {"level":"info","ts":1621753975.4720328,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T07:13:25.495929004Z {"level":"error","ts":1621754005.49575,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60423110) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":6,"retrying_in":1200,"elapsed":1387.569382675,"max_duration":2592000}
23T07:33:25.689611606Z {"level":"info","ts":1621755205.6894023,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T07:33:55.714773042Z {"level":"error","ts":1621755235.7145023,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60435163) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":7,"retrying_in":1200,"elapsed":2617.788135032,"max_duration":2592000}
23T07:53:56.130352525Z {"level":"info","ts":1621756436.1301584,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T07:54:26.258662023Z {"level":"error","ts":1621756466.2584913,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60446136) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":8,"retrying_in":1800,"elapsed":3848.332123835,"max_duration":2592000}
2021-05-23T08:24:26.642979090Z {"level":"info","ts":1621758266.64273,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T08:24:56.667931922Z {"level":"error","ts":1621758296.667683,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60461375) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":9,"retrying_in":1800,"elapsed":5678.741315282,"max_duration":2592000}
23T08:54:58.812044007Z {"level":"info","ts":1621760098.8118076,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T08:55:28.854620596Z {"level":"error","ts":1621760128.8543692,"logger":"tls.obtain","msg":"will retry","error":"[www.dumbunz.com] Obtain: [www.dumbunz.com] solving challenges: presenting for challenge: easydns: error adding zone record: Put \"https://rest.easydns.net/zones/records/add/dumbunz.com/TXT?format=json\": context deadline exceeded (Client.Timeout exceeded while awaiting headers) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/19132318/60476527) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":10,"retrying_in":3600,"elapsed":7510.928001566,"max_duration":2592000}
2021-05-23T09:46:45.330616572Z {"level":"info","ts":1621763205.330226,"msg":"shutting down apps then terminating","signal":"SIGTERM"}
2021-05-23T09:46:45.840477902Z 2021/05/23 09:46:45 [INFO] Skipping default Caddyfile because no path is set
2021-05-23T09:46:45.840514122Z [INFO] Skipping configs because swarm is not available
2021-05-23T09:46:45.840517922Z [INFO] Skipping services because swarm is not available
2021-05-23T09:46:45.840521172Z 2021/05/23 09:46:45 [INFO] New Caddyfile:
2021-05-23T09:46:45.840524242Z {
2021-05-23T09:46:45.840527052Z acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
2021-05-23T09:46:45.840530442Z email XXXXX@gmail.com
2021-05-23T09:46:45.840533442Z }
2021-05-23T09:46:45.840536283Z (dns-challenge) {
2021-05-23T09:46:45.840539113Z tls {
2021-05-23T09:46:45.840541913Z dns lego_deprecated easydns
2021-05-23T09:46:45.840544813Z }
2021-05-23T09:46:45.840547653Z }
2021-05-23T09:46:45.840550493Z (internal-only) {
2021-05-23T09:46:45.840554623Z @public_networks not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
2021-05-23T09:46:45.840557613Z respond @public_networks 403 {
2021-05-23T09:46:45.840560473Z close
2021-05-23T09:46:45.840563363Z }
2021-05-23T09:46:45.840566213Z }
2021-05-23T09:46:45.840568993Z (www-redirect) {
2021-05-23T09:46:45.840571903Z redir https://www.{hostport}{uri}
2021-05-23T09:46:45.840574813Z }
2021-05-23T09:46:45.840577573Z www.dumbunz.com {
2021-05-23T09:46:45.840580393Z import dns-challenge
2021-05-23T09:46:45.840583213Z import internal-only
2021-05-23T09:46:45.840586053Z import www-redirect
2021-05-23T09:46:45.840588953Z reverse_proxy 172.25.0.9:8000
2021-05-23T09:46:45.840591793Z }
2021-05-23T09:46:45.840837148Z 2021/05/23 09:46:45 [INFO] New Config JSON:
2021-05-23T09:46:45.840919278Z {"apps":{"http":{"servers":{"srv0":{"listen":[":443"],"routes":[{"match":[{"host":["www.dumbunz.com"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://www.{http.request.hostport}{http.request.uri}"]},"status_code":302}]},{"handle":[{"close":true,"handler":"static_response","status_code":403}],"match":[{"not":[{"remote_ip":{"ranges":["192.168.0.0/16","172.16.0.0/12","10.0.0.0/8"]}}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"172.25.0.9:8000"}]}]}]}],"terminal":true}]}}},"tls":{"automation":{"policies":[{"subjects":["www.dumbunz.com"],"issuer":{"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","challenges":{"dns":{"provider":{"name":"lego_deprecated","provider_name":"easydns"}}},"email":"XXXXX@gmail.com","module":"acme"}},{"issuer":{"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","email":"XXXXX@gmail.com","module":"acme"}}]}}}}
2021-05-23T09:46:45.840937259Z 2021/05/23 09:46:45 [INFO] Sending configuration to localhost
2021-05-23T09:46:45.841585660Z {"level":"info","ts":1621763205.8414717,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_addr":"127.0.0.1:49182","headers":{"Accept-Encoding":["gzip"],"Content-Length":["992"],"Content-Type":["application/json"],"User-Agent":["Go-http-client/1.1"]}}
2021-05-23T09:46:46.331127056Z {"level":"info","ts":1621763206.3309476,"logger":"tls.obtain","msg":"releasing lock","identifier":"www.dumbunz.com"}
2021-05-23T09:46:46.331316828Z {"level":"info","ts":1621763206.3309352,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc0001d4540"}
2021-05-23T09:46:46.331548243Z 2021/05/23 09:46:46 [ERROR] Unable to clean up lock: remove /data/caddy/locks/cert_acme_www.dumbunz.com_acme-staging-v02.api.letsencrypt.org-directory.lock: no such file or directory (lock=cert_acme_www.dumbunz.com_acme-staging-v02.api.letsencrypt.org-directory storage=FileStorage:/data/caddy)
2021-05-23T09:46:46.331575252Z {"level":"error","ts":1621763206.3315027,"logger":"tls","msg":"job failed","error":"www.dumbunz.com: obtaining certificate: context canceled"}
2021-05-23T09:46:46.332060541Z {"level":"info","ts":1621763206.3319404,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
2021-05-23T09:46:46.332303125Z {"level":"info","ts":1621763206.3322089,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000274310"}
2021-05-23T09:46:46.333615336Z {"level":"info","ts":1621763206.3334942,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
2021-05-23T09:46:46.333633396Z {"level":"info","ts":1621763206.3335204,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
2021-05-23T09:46:46.334019831Z {"level":"info","ts":1621763206.3338625,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["www.dumbunz.com"]}
2021-05-23T09:46:46.334207465Z {"level":"info","ts":1621763206.3340425,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
2021-05-23T09:46:46.334244146Z {"level":"info","ts":1621763206.334049,"logger":"admin.api","msg":"load complete"}
2021-05-23T09:46:46.334358678Z {"level":"info","ts":1621763206.3342175,"logger":"tls.obtain","msg":"acquiring lock","identifier":"www.dumbunz.com"}
2021-05-23T09:46:46.334451879Z 2021/05/23 09:46:46 [INFO] Successfully configured localhost
2021-05-23T09:46:46.334484629Z {"level":"info","ts":1621763206.334329,"logger":"tls.obtain","msg":"lock acquired","identifier":"www.dumbunz.com"}
2021-05-23T09:46:46.335114039Z {"level":"info","ts":1621763206.3350012,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["www.dumbunz.com"]}
2021-05-23T09:46:46.335124879Z {"level":"info","ts":1621763206.335034,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["www.dumbunz.com"]}
23T09:46:46.672575680Z {"level":"info","ts":1621763206.6723936,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.dumbunz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
2021-05-23T09:46:46.831848779Z {"level":"info","ts":1621763206.8316658,"logger":"admin","msg":"stopped previous server"}
2021-05-23T09:46:46.831891321Z {"level":"info","ts":1621763206.8317144,"msg":"shutdown done","signal":"SIGTERM"}
5. What I already tried:
Since the error is related to adding the zone record I made sure the zone records are getting added in my DNS provider’s (easyDNS) control panel, and they are getting created for sure. Everytime Caddy retries, I get another txt record like so:
_acme-challenge.www.dumbunz.com XXXXXXXXXXXXXXXXXXXXX 120 sec
I’ve also tried disabling the CNAME wildcard on the domain to see if that was interfering with TXT record lookup.
Just to make sure, I validated that accessing www.dumbunz.com
in my browser produces an error, but that isn’t very surprising:
Secure Connection Failed
An error occurred during a connection to www.dumbunz.com. Peer reports it experienced an internal error.
Error code: SSL_ERROR_INTERNAL_ERROR_ALERT