1. Caddy version (caddy version
):
2.4.0-beta.2
2. How I run Caddy:
a. System environment:
ubuntu 20
b. Command:
caddy run
d. My complete Caddyfile or JSON config:
{
http_port 8010
https_port 8011
acme_dns alidns {
access_key_id "key"
access_key_secret "secret"
}
}
a.example.com {
reverse_proxy localhost:8080
tls {
dns alidns {
access_key_id "key"
access_key_secret "secret"
}
}
}
3. The problem I’m having:
my network’s 80 and 443 port are not reacheable,so i want use 8010 for http,and 8011 for https,
i write the Caddyfile above ,but some error occur
4. Error messages and/or full log output:
root@jesse:~# ./caddy run
2021/04/30 05:50:40.444 INFO using adjacent Caddyfile
2021/04/30 05:50:40.446 WARN input is not formatted with 'caddy fmt' {"adapter": "caddyfile", "file": "Caddyfile", "line": 2}
2021/04/30 05:50:40.448 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/04/30 05:50:40.451 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 8011}
2021/04/30 05:50:40.452 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0002637a0"}
2021/04/30 05:50:40.452 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2021/04/30 05:50:40.455 INFO http enabling automatic TLS certificate management {"domains": [""]}
2021/04/30 05:50:40.457 INFO tls cleaned up storage units
2021/04/30 05:50:40.457 INFO autosaved config (load with --resume flag) {"file": "/root/.config/caddy/autosave.json"}
2021/04/30 05:50:40.460 INFO serving initial configuration
2021/04/30 05:50:40.457 INFO tls.obtain acquiring lock {"identifier": ""}
2021/04/30 05:50:40.464 INFO tls.obtain lock acquired {"identifier": ""}
2021/04/30 05:50:40.474 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": [""]}
2021/04/30 05:50:40.476 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": [""]}
2021/04/30 05:50:42.375 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "u.jesse233.top", "challenge_type": "dns-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
DEBUG:> Request map to str: AccessKeyId=***d&Action=AddDomainRecord&DomainName=jesse233.top&Format=json&RR=_acme-challenge.u&SignatureMethod=HMAC-SHA1&SignatureNonce=1619761913059317650&SignatureVersion=1.0&TTL=600&Timestamp=2021-04-30T05%3A51%3A53Z&Type=TXT&Value=8DXf1HuiL79-aaV28ILLRp22YZkvFR1A8Iww1knMnq8&Version=2015-01-09
DEBUG:> URL to sign: GET&%2F&AccessKeyId%***E3i9z21d%26Action%3DAddDomainRecord%26DomainName%3Djesse233.top%26Format%3Djson%26RR%3D_acme-challenge.u%26SignatureMethod%3DHMAC-SHA1%26SignatureNonce%3D1619761913059317650%26SignatureVersion%3D1.0%26TTL%3D600%26Timestamp%3D2021-04-30T05%253A51%253A53Z%26Type%3DTXT%26Value%3D8DXf1HuiL79-aaV28ILLRp22YZkvFR1A8Iww1knMnq8%26Version%3D2015-01-09
DEBUG:> Request map to str: AccessKeyId=LTAI5tSdi6twq6efE3i9z21d&Action=DeleteDomainRecord&Format=json&RecordId=21687627850003456&SignatureMethod=HMAC-SHA1&SignatureNonce=1619761935580297787&SignatureVersion=1.0&Timestamp=2021-04-30T05%3A52%3A15Z&Version=2015-01-09
DEBUG:> URL to sign: GET&%2F&AccessKeyId%3D2015-01-09
2021/04/30 05:52:15.941 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": [""]}
2021/04/30 05:52:15.941 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": [""]}
2021/04/30 05:52:19.670 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "", "challenge_type": "dns-01", "ca": "https://acme.zerossl.com/v2/DV90"}
DEBUG:> Request map to str: AccessKeyId0&Timestamp=2021-04-30T05%3A52%3A19Z&Type=TXT&Value=YC9SWKzhvxdCj7cZJ2VBzPXkJrdjwJ4tWlzJUtwm6jo&Version=2015-01-09
DEBUG:> URL to sign: GET&%3DTXT%26Value%3DYC9SWKzhvxdCj7cZJ2VBzPXkJrdjwJ4tWlzJUtwm6jo%26Version%3D2015-01-09
DEBUG:> Request map to str: AccessKeyId9
DEBUG:> URL to sign: GET&%2F&AccessKeyId%3D2015-01-09
2021/04/30 05:54:05.671 ERROR tls.obtain will retry {"error": "[] Obtain: [] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of _acme-challenge.: read tcp 192.168.2.111:59066->106.11.211.70:53: i/o timeout (order=https://acme.zerossl.com/v2/DV90/order/Es2jAcWl9vERLNo7qkwHfQ) (ca=https://acme.zerossl.com/v2/DV90)", "attempt": 1, "retrying_in": 60, "elapsed": 205.206058478, "max_duration": 2592000}
5. What I already tried:
i’ve tried google,but can;t find the reason