1. Caddy version (caddy version):
v2.4.6
2. How I run Caddy:
As installed by this script
a. System environment:
Caddy runs in an iocage jail on TrueNAS (FreeBSD) 12
b. Command:
service caddy start
c. Service/unit/compose file:
n/a
d. My complete Caddyfile or JSON config:
{
    # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
    email sysadmin@glod.studio
}
:2020 {
    respond "Hello, world!"
}
cumulus.glod.studio {
    encode gzip
    reverse_proxy http://10.188.0.33
}
warden.glod.studio {
    encode gzip
    reverse_proxy http://10.188.0.43:4567
}
collabora.glod.studio {
    encode gzip
    @collabora {
        path /loleaflet/* # Loleaflet is the client part of LibreOffice
        path /hosting/discovery # WOPI discovery URL
        path /hosting/capabilities # Show capabilities as json
        path /lool/* # Main websocket, uploads/downloads, presentations
    }
    reverse_proxy @collabora http://10.188.0.35:9980
}
octoprint.lan.glod.studio {
    reverse_proxy http://10.188.0.44:5000
    tls {
        dns lego_deprecated domeneshop
    }
}
3. The problem I’m having:
I’ve been using Caddy for a while as a reverse proxy for a couple of public services (Nextcloud/Collabora, Vaultwarden) and it’s worked well so far.
I would also like to use Caddy as a reverse proxy for some internal web interfaces (Node-Red and Octoprint, plus a few others). I’ll need to use the DNS challenge as the subdomain .lan.glod.studio is internal only and has no A record. The only support for my provider (Domeneshop) is by means of the lego-deprecated plugin. I’ll need to set the Domeneshop API token and secret using environment variables, but I must admit I can’t figure out how to pass those to Caddy.
4. Error messages and/or full log output:
{"level":"info","ts":1644186567.9219067,"msg":"using provided configuration","config_file":"/usr/local/www/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1644186567.9241796,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
{"level":"info","ts":1644186567.9243329,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00063f6c0"}
{"level":"info","ts":1644186567.9243772,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc00063f6c0"}
run: loading initial config: loading new config: loading http app module: provision http: getting tls app: loading tls app module: provision tls: provisioning automation policy 0: loading TLS automation management module: position 0: loading module 'acme': provision tls.issuance.acme: loading DNS provider module: loading module 'lego_deprecated': provision dns.providers.lego_deprecated: domeneshop: some credentials information are missing: DOMENESHOP_API_TOKEN,DOMENESHOP_API_SECRET
start: caddy process exited with error: exit status 1
5. What I already tried:
To get started I just tried using setenv (FreeBSD’s equivalent to export),
setenv DOMENESHOP_API_TOKEN mytoken
setenv DOMENESHOP_API_SECRET mysecret
And I checked the output of env to make sure that they’d been properly set. Didn’t work. I also tried using rc.conf,
sysrc caddy_env="DOMENESHOP_API_TOKEN=mytoken DOMENESHOP_API_SECRET=mysecret"
and a reboot, but that didn’t work either.
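
The following is an added example, not part of the original post and not Caddy's own code. It checks that a credentials file is private and defines both variables named in the error above, then runs a command with only those variables in its environment, which shows that values exported in the calling shell reach a process only when its launcher passes them on. The function names and the file layout (one KEY=VALUE per line) are assumptions.

```shell
#!/bin/sh
# Added example: function names and the KEY=VALUE file layout are hypothetical.
# The two variable names are the ones listed in the Caddy error message.
REQUIRED_VARS="DOMENESHOP_API_TOKEN DOMENESHOP_API_SECRET"

# check_env_file FILE
# Succeeds only if FILE exists, is not readable by group or others, and
# defines every required variable with a non-empty value.
# On failure it prints the reason on stdout and returns 1.
check_env_file() {
    file=$1
    [ -f "$file" ] || { echo "missing file: $file"; return 1; }
    # Mode check with POSIX find, so it works on FreeBSD and Linux alike.
    if [ -n "$(find "$file" -prune \( -perm -040 -o -perm -004 \) -print)" ]; then
        echo "insecure permissions: $file"
        return 1
    fi
    for var in $REQUIRED_VARS; do
        # NAME= followed by at least one character.
        grep -q "^${var}=." "$file" || { echo "missing variable: $var"; return 1; }
    done
    return 0
}

# run_with_env_file FILE CMD [ARGS...]
# Runs CMD with an otherwise empty environment (env -i) plus the KEY=VALUE
# lines from FILE. Nothing exported in the calling shell is inherited, so
# the command sees exactly what the file provides.
run_with_env_file() {
    file=$1
    shift
    check_env_file "$file" >&2 || return 1
    while IFS= read -r line; do
        case $line in
            # Keep assignments; skip comments and blank lines.
            [A-Z_]*=*) set -- "$line" "$@" ;;
        esac
    done < "$file"
    env -i PATH="$PATH" "$@"
}

# Usage (constructed path):
#   run_with_env_file /usr/local/etc/caddy.env caddy validate --config /usr/local/www/Caddyfile
```
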