# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target
[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
Hmmm. I just added a new sub-domain under /etc/caddy/Caddyfile, restarted… And now api.voidbot.ai gets an SSL cert just fine, but the new sub-domain fails instead.
All domains work fine now, I didn’t even change anything, interesting.
Just to answer this question in case anyone else is interested:-
I hope it all does work now, because you can use only Cloudflare certs, but that involves grabbing their origin certificate and specifying it for all your sites with tls cert key, which will disable all Automatic HTTPS features. It will be much smoother without that, when Caddy manages your certificates itself.