HTTPS in Backend, Caddy as Proxy ends in Error 502

Dear Francis,
again many thanks for your answer.

My apologies. I forgot to mention that I set up a test with Caddy and the deprecated LEGO plugin before. I gave up after several days of trial and error, purged everything and started over with the HTTP challenge. Instead of the Brotli plugin, the LEGO plugin was in the Dockerfile. I have to use LEGO because I use CloudNS as DNS provider, at least till mid 2022, and there is no plugin for the new DNS challenge module.

When I tried to use the DNS challenge with the LEGO plugin I had a timeout problem. I see that the update on CloudNS is running, the SOA serial counts up. But the DNS is still replicating (it takes around 5 minutes). So the API call from LEGO to CloudNS is working. LEGO tries to solve the DNS challenge about 30 (or 60, not sure and I don’t have the logs anymore) seconds after the start. But because the update takes longer, it is unable to solve the DNS challenge and cancels the process. With the cancellation, the TXT entry is deleted. After some increasing cooldown period LEGO tries and fails again. When I set the timeout env variable for LEGO and CloudNS, nothing happens. The problem is similar to this one: Caddy2 with DNS challenge and Namecheap in Docker - #11 by francislavoie
In the thread "Timeout problems using dns-01 challenge" @matt stated that there is a problem with env variables (last post).
But as this is a completely different problem, I would prefer to open another thread for it if needed. Maybe I find enough motivation to refresh my very, very rusty programming skills and learn Go :).

Will look at it! Thanks for this information!

Thanks for this advice. As said in the entry post, I’m not familiar with proxying. Just ask me plain network stuff up to L3, including dynamic routing and some MPLS stuff ;). I will give it a try. And when I can convince one customer to not use HTTP/2 push anymore (even Google has announced the end of HTTP/2 push support in Chrome), this should work fine.

What do you mean by untrusted code? I’m planning to run at least:

  • PiHole
  • at least 2 WordPress sites, one being migrated to static pages with HUGO (or similar) sometime in 2021
  • 1 EQDKP-Plus (PHP based CMS and Raidplanner)
  • 1 Nextcloud or Owncloud instance

on this machine, all separated by docker.
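The failure mode described in the post above (the ACME client asks for validation before every one of the provider's nameservers serves the new TXT record, then deletes it and backs off) is what a propagation check guards against. The following is an added example, not code from the post, from Caddy or from LEGO: `wait_for_txt_propagation`, its `lookup` callable and the `SimulatedDNS` stand-in are all constructed here, and a real deployment would replace `lookup` with direct queries to each authoritative server (for example with dnspython).

```python
import time
from typing import Callable, Dict, Iterable, List, Set, Tuple

# Hypothetical lookup signature: lookup(nameserver, fqdn) -> TXT strings that server returns now.
LookupFn = Callable[[str, str], Set[str]]


def wait_for_txt_propagation(
    fqdn: str, expected: str, nameservers: Iterable[str], lookup: LookupFn,
    timeout: float = 600.0, initial_interval: float = 10.0, max_interval: float = 60.0,
    sleep: Callable[[float], None] = time.sleep, clock: Callable[[], float] = time.monotonic,
) -> Tuple[bool, List[str]]:
    # Poll every authoritative server until all of them serve `expected` for `fqdn`, or the
    # deadline passes.  Returns (ok, pending); `pending` names the servers that never caught
    # up, the state from which an ACME client must not ask the CA to validate.
    deadline = clock() + timeout
    interval = initial_interval
    pending = set(nameservers)
    while True:
        for ns in list(pending):
            try:
                seen = lookup(ns, fqdn)
            except Exception:            # unreachable server counts as "not yet propagated"
                seen = set()
            if expected in seen:
                pending.discard(ns)
        if not pending:
            return True, []
        remaining = deadline - clock()
        if remaining <= 0:
            return False, sorted(pending)
        sleep(min(interval, remaining))  # backoff: 10s, 20s, 40s, then 60s, never past deadline
        interval = min(interval * 2, max_interval)


class SimulatedDNS:
    # Constructed stand-in for a zone that is still replicating: each server starts serving
    # the new TXT record only after its own delay (seconds on a simulated clock).
    def __init__(self, fqdn: str, value: str, visible_after: Dict[str, float]):
        self.fqdn, self.value, self.visible_after = fqdn, value, visible_after
        self.now = 0.0
    def sleep(self, seconds: float) -> None:
        self.now += seconds
    def clock(self) -> float:
        return self.now
    def lookup(self, ns: str, fqdn: str) -> Set[str]:
        if fqdn == self.fqdn and self.now >= self.visible_after[ns]:
            return {self.value}
        return set()
```

With a primary that answers at once and a secondary that needs about five minutes, the check returns `(True, [])` after 310 simulated seconds, while a 60-second budget like the one the post describes returns `(False, ["ns2.example.net"])` instead of letting the client proceed.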