1. Caddy version (caddy version):
2.3
2. How I run Caddy:
a. System environment:
Running caddy via docker-compose
b. Command:
docker-compose up
c. Service/unit/compose file:
version: '3.8'
services:
  caddy:
    image: caddy:latest
    container_name: caddy
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./caddy_data:/data
      - ./caddy_config:/config
      - ./site:/usr/share/caddy/docs
    ports:
      - 80:80
      - 443:443
    restart: unless-stopped
d. My complete Caddyfile or JSON config:
192.168.100.100 {
    root * /usr/share/caddy/docs
    file_server
}
3. The problem I’m having:
What I am trying to achieve is to have HTTPS working on a local/private IP using Docker.
So I would like to connect to https://192.168.100.100
Unfortunately, I cannot connect to HTTPS.
4. Error messages and/or full log output:
{"level":"info","ts":1610465476.8707533,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1610465476.888572,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
{"level":"info","ts":1610465476.891617,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x2388eb0"}
{"level":"info","ts":1610465476.891653,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1610465476.892956,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1610465476.9287758,"logger":"tls","msg":"cleaned up storage units"}
{"level":"warn","ts":1610465477.1552107,"logger":"pki.ca.local","msg":"installing root certificate (you might be prompted for password)","path":"storage:pki/authorities/local/root.crt"}
2021/01/12 15:31:17 Warning: "certutil" is not available, install "certutil" with "apt install libnss3-tools" or "yum install nss-tools" and try again
2021/01/12 15:31:17 define JAVA_HOME environment variable to use the Java trust
2021/01/12 15:31:17 certificate installed properly in linux trusts
{"level":"info","ts":1610465477.334109,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["192.168.100.100"]}
{"level":"warn","ts":1610465477.3459907,"logger":"tls","msg":"stapling OCSP","error":"no OCSP stapling for [192.168.100.100]: no OCSP server specified in certificate"}
{"level":"info","ts":1610465477.3467617,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1610465477.3468492,"msg":"serving initial configuration"}
5. What I already tried:
I know that HTTP is working: when I use
192.168.100.100:80 {
    root * /usr/share/caddy/docs
    file_server
}
I am able to access it.
It does give me a warning about certutil not being available.
But after that it says that the certificate has been properly installed.
If I run the binary on the Raspberry Pi without Docker, I am able to access it via HTTPS.
So it seems to be possible.