1. My Caddy version (caddy version):
latest v2 alpine docker
2. How I run Caddy:
docker-compose
a. System environment:
v2 latest alpine docker
b. Command:
CURRENT_UID=$(id -u):$(id -g) docker-compose up
c. Service/unit/compose file:
# run this with: "CURRENT_UID=$(id -u):$(id -g) docker-compose up"
version: "3"
services:
  caddykraken:
    image: caddy_kraken
    container_name: caddykraken
    hostname: caddykraken
    user: root
    # user: ${CURRENT_UID}
    ports:
      - 443:443
      - 80:80
      # - 2020:2020
    volumes:
      # Just a note - as of the latest caddy/caddy images, these locations are now /config/caddy and /data/caddy. See the (new!) docs for some details: https://github.com/caddyserver/caddy-docker#️-a-note-about-persisted-data
      - "./caddy_secrets/data_lets_encrypt_storage:/data"
      - "./caddy_secrets/config_storage:/config"
d. My complete Caddyfile or JSON config:
{
    email zournyque@gmail.com
    # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
}

translatum.xyz {
    respond "let the neurons flow - translatum.xyz!"
}

# perception studies
perception.translatum.xyz {
    reverse_proxy {
        to perceptionist:8888
    }
}

glio.translatum.xyz {
    reverse_proxy {
        to bratsstarz:80
    }
}

pneumonia.translatum.xyz {
    reverse_proxy {
        to pneustarz:80
    }
}

# kraken
corona.translatum.xyz {
    reverse_proxy {
        to coronakraken:80
    }
}

kraken.translatum.xyz {
    respond "high 8 - long live the kraken on translatum.xyz!"
}

corona.kraken.translatum.xyz {
    reverse_proxy {
        to localhost:8080
    }
}

redis.kraken.translatum.xyz {
    reverse_proxy {
        to localhost:6379
    }
}

aioh.kraken.translatum.xyz {
    reverse_proxy {
        to localhost:8889
    }
}

formidable.kraken.translatum.xyz {
    reverse_proxy {
        to localhost:3020
    }
}
3. The problem I’m having:
Hi,
My backend servers are running on a server with no public IP to be accessed from the internet. Therefore I have set up an SSH tunnel to my frontend server, which has this connection.
The various backend servers should all be reachable with sub-subdomains of kraken.translatum.xyz, e.g. redis.translatum.xyz. However, Caddy is complaining about missing DNS entries. Unfortunately, at my domain provider (strato.de) I can only set up A and AAAA records for domains and subdomains, not sub-subdomains.
4. Error messages and/or full log output:
percy | 2020/03/29 08:35:53 [INFO] [aioh.kraken.translatum.xyz] acme: Could not find solver for: tls-alpn-01
percy | 2020/03/29 08:35:53 [INFO] [aioh.kraken.translatum.xyz] acme: use http-01 solver
percy | 2020/03/29 08:35:53 [INFO] [aioh.kraken.translatum.xyz] acme: Trying to solve HTTP-01
percy | 2020/03/29 08:35:53 [INFO] [formidable.kraken.translatum.xyz] acme: Obtaining bundled SAN certificate given a CSR
percy | 2020/03/29 08:35:53 [INFO] [formidable.kraken.translatum.xyz] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136226
percy | 2020/03/29 08:35:53 [INFO] [formidable.kraken.translatum.xyz] acme: Could not find solver for: tls-alpn-01
percy | 2020/03/29 08:35:53 [INFO] [formidable.kraken.translatum.xyz] acme: use http-01 solver
percy | 2020/03/29 08:35:53 [INFO] [formidable.kraken.translatum.xyz] acme: Trying to solve HTTP-01
percy | 2020/03/29 08:35:53 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136225
percy | 2020/03/29 08:35:53 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136225
percy | 2020/03/29 08:35:53 [ERROR] acme: Error -> One or more domains had a problem:
percy | [aioh.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for aioh.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | (challenge=http-01 remaining=[])
percy | 2020/03/29 08:35:54 [INFO] [corona.kraken.translatum.xyz] acme: Obtaining bundled SAN certificate given a CSR
percy | 2020/03/29 08:35:54 [INFO] [corona.kraken.translatum.xyz] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136230
percy | 2020/03/29 08:35:54 [INFO] [corona.kraken.translatum.xyz] acme: Could not find solver for: tls-alpn-01
percy | 2020/03/29 08:35:54 [INFO] [corona.kraken.translatum.xyz] acme: use http-01 solver
percy | 2020/03/29 08:35:54 [INFO] [corona.kraken.translatum.xyz] acme: Trying to solve HTTP-01
percy | 2020/03/29 08:35:55 [ERROR] attempt 2: [redis.kraken.translatum.xyz] Obtain: [redis.kraken.translatum.xyz] acme: Error -> One or more domains had a problem:
percy | [redis.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for redis.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | - retrying in 2m0s (1m17.674394657s/720h0m0s elapsed)...
percy | 2020/03/29 08:35:55 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136230
percy | 2020/03/29 08:35:55 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136230
percy | 2020/03/29 08:35:55 [ERROR] acme: Error -> One or more domains had a problem:
percy | [corona.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for corona.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | (challenge=http-01 remaining=[])
percy | 2020/03/29 08:35:55 [ERROR] attempt 2: [aioh.kraken.translatum.xyz] Obtain: [aioh.kraken.translatum.xyz] acme: Error -> One or more domains had a problem:
percy | [aioh.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for aioh.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | - retrying in 2m0s (1m18.487564881s/720h0m0s elapsed)...
percy | 2020/03/29 08:35:57 [ERROR] attempt 2: [corona.kraken.translatum.xyz] Obtain: [corona.kraken.translatum.xyz] acme: Error -> One or more domains had a problem:
percy | [corona.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for corona.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | - retrying in 2m0s (1m20.251783503s/720h0m0s elapsed)...
percy | 2020/03/29 08:35:58 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136226
percy | 2020/03/29 08:35:58 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/46136226
percy | 2020/03/29 08:35:58 [ERROR] acme: Error -> One or more domains had a problem:
percy | [formidable.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for formidable.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | (challenge=http-01 remaining=[])
percy | 2020/03/29 08:36:00 [ERROR] attempt 2: [formidable.kraken.translatum.xyz] Obtain: [formidable.kraken.translatum.xyz] acme: Error -> One or more domains had a problem:
5. What I already tried:
I have no clue what I should try… maybe I could change my backend servers to things like…
kraken.translatum.xyz/redis? But ideally I would like to stick to the sub-subdomain scheme.
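
An added example, not part of the original post: a small Python parser that pulls the per-hostname ACME failures out of log output like the one above, so the names failing HTTP-01 with NXDOMAIN and their retry counts can be listed at a glance. The sample lines are copied from the log in the post; the regexes and the `summarize` function are this example's own names.

```python
import re
from collections import defaultdict

# A few lines copied from the log in the post (container prefix included).
SAMPLE_LOG = """\
percy | 2020/03/29 08:35:53 [INFO] [aioh.kraken.translatum.xyz] acme: Trying to solve HTTP-01
percy | 2020/03/29 08:35:53 [ERROR] acme: Error -> One or more domains had a problem:
percy | [aioh.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for aioh.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | (challenge=http-01 remaining=[])
percy | 2020/03/29 08:35:55 [ERROR] attempt 2: [redis.kraken.translatum.xyz] Obtain: [redis.kraken.translatum.xyz] acme: Error -> One or more domains had a problem:
percy | [redis.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for redis.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
percy | - retrying in 2m0s (1m17.674394657s/720h0m0s elapsed)...
percy | 2020/03/29 08:35:55 [ERROR] acme: Error -> One or more domains had a problem:
percy | [corona.kraken.translatum.xyz] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for corona.kraken.translatum.xyz - check that a DNS record exists for this domain, url:
"""

# Per-domain problem line: "[name] acme: error: <status> :: urn:...:error:<type> :: <detail>"
PROBLEM = re.compile(
    r"\[(?P<domain>[^\]]+)\] acme: error: (?P<status>\d{3}) :: "
    r"urn:ietf:params:acme:error:(?P<type>\w+) :: (?P<detail>.*)"
)
# Retry line: "[ERROR] attempt <n>: [name] Obtain: ..."
ATTEMPT = re.compile(r"\[ERROR\] attempt (?P<n>\d+): \[(?P<domain>[^\]]+)\]")


def summarize(log_text):
    """Return {domain: {"types": set, "nxdomain": bool, "attempts": int}}."""
    out = defaultdict(lambda: {"types": set(), "nxdomain": False, "attempts": 0})
    for line in log_text.splitlines():
        m = PROBLEM.search(line)
        if m:
            entry = out[m["domain"]]
            entry["types"].add(m["type"])
            # NXDOMAIN means the CA's resolver found no record for the name at all.
            entry["nxdomain"] |= "NXDOMAIN" in m["detail"]
        m = ATTEMPT.search(line)
        if m:
            entry = out[m["domain"]]
            entry["attempts"] = max(entry["attempts"], int(m["n"]))
    return dict(out)


if __name__ == "__main__":
    for domain, info in sorted(summarize(SAMPLE_LOG).items()):
        print(domain, sorted(info["types"]), info["nxdomain"], info["attempts"])
```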