1. Output of caddy version:
2. How I run Caddy:
docker compose
a. System environment:
Client: Docker Engine - Community
Version: 20.10.5
API version: 1.41
Go version: go1.13.15
Git commit: 55c4c88
Built: Tue Mar 2 20:18:46 2021
OS/Arch: linux/arm
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.5
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 363e9a8
Built: Tue Mar 2 20:16:18 2021
OS/Arch: linux/arm
Experimental: false
containerd:
Version: 1.4.4
GitCommit: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc:
Version: 1.0.0-rc93
GitCommit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
docker-init:
Version: 0.19.0
GitCommit: de40ad
b. Command:
docker-compose up
c. Service/unit/compose file:
version: '3'
services:
bitwarden:
image: vaultwarden/server:latest
container_name: bitwarden
restart: always
environment:
- WEBSOCKET_ENABLED=true # Enable WebSocket notifications.
- SIGNUPS_ALLOWED=false
- ADMIN_TOKEN=
volumes:
- ./bw-data:/data
# jellyfin:
# image: jellyfin/jellyfin:latest
# container_name: jellyfin
# restart: always
# logging:
# driver: none
# volumes:
# - ./jellyfin-config:/config
# - ./jellyfin-cache:/cache
# - /mnt:/media
# ports:
# - 5001:5001
# - 8096:8096
radarr:
image: lscr.io/linuxserver/radarr
container_name: radarr
links:
- qbittorrent
- jackett
environment:
- PUID=0
- PGID=0
- TZ=Asia/Kolkata
volumes:
- ./radarr-config:/config
- /mnt/Movies:/movies
ports:
- 7878:7878
bazarr:
image: lscr.io/linuxserver/bazarr
container_name: bazarr
links:
- radarr
- qbittorrent
- sonarr
- jackett
environment:
- PUID=0
- PGID=0
- TZ=Asia/Kolkata
volumes:
- ./bazarr-config:/config
- /mnt/Movies:/movies
- /mnt/Tv Searies:/tv
ports:
- 6767:6767
sonarr:
image: lscr.io/linuxserver/sonarr
container_name: sonarr
links:
- qbittorrent
- jackett
environment:
- PUID=0
- PGID=0
- TZ=Asia/Kolkata
volumes:
- ./sonarr-config:/config
- /mnt/Tv Searies:/tv
ports:
- 8989:8989
caddy:
build:
context: ./caddy-build
dockerfile: caddy.Dockerfile
container_name: caddy
restart: always
ports:
- 80:80 # Needed for the ACME HTTP-01 challenge.
- 443:443
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- ./caddy-config:/config
- ./caddy-data:/data
- ./caddy-certs:/certs
environment:
- EMAIL=<gmail> # The email address to use for ACME registration.
- LOG_FILE=/data/access.log
- ACME_AGREE=true
- CLOUDFLARE_EMAIL=<gmail>
filebrowser:
image: filebrowser/filebrowser
container_name: filebrowser
volumes:
- ./filebrowser.db:/database.db
- ./.filebrowser.json:/.filebrowser.json
- /:/srv
ports:
- 7000:7000
synctube:
image: ghcr.io/daggy1234/synctube
container_name: synctube
volumes:
- ./synctube-user:/user
ports:
- "4200:4200"
qbittorrent:
image: lscr.io/linuxserver/qbittorrent
container_name: qbittorret
environment:
- PUID=0
- PGID=0
- TZ=Asia/Kolkata
- WEBUI_PORT=8080
volumes:
- ./qbit-config:/config
- /mnt/Downloads:/downloads
- /mnt/Movies:/movies
- /mnt/Tv Searies:/tv
ports:
- 6881:6881
- 6881:6881/udp
- 8080:8080
jackett:
image: lscr.io/linuxserver/jackett
container_name: jackett
environment:
- PUID=0
- PGID=0
- TZ=Asia/Kolkata
- AUTO_UPDATE=true
volumes:
- ./jackett-config:/config
- /mnt/Downloads:/downloads
ports:
- 9117:9117
plex:
image: lscr.io/linuxserver/plex
container_name: plex
network_mode: host
environment:
- PUID=0
- PGID=0
- VERSION=docker
- PLEX_CLAIM=claim-zS_jBeyCHziNhAWvA7LF
volumes:
- /mnt/Movies:/movies
- /mnt/Tv Searies:/tv
- /mnt/plex-config:/config
- /mnt/plex-transcode:/transcode
tautulli:
image: ghcr.io/tautulli/tautulli
container_name: tautulli
links:
- plex
volumes:
- /mnt/tautulli-config:/config
environment:
- PUID=0
- PGID=0
- TZ=Asia/Kolkata
ports:
- 8181:8181
wireguard:
image: lscr.io/linuxserver/wireguard:latest
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
environment:
- PUID=0
- PGID=0
- TZ=Asia/Kolkata
- SERVERURL=
- SERVERPORT=51820 #optional
- PEERS=2 #optional
- PEERDNS=auto #optional
- INTERNAL_SUBNET=10.13.13.0 #optional
- ALLOWEDIPS=0.0.0.0/0 #optional
- LOG_CONFS=true #optional
volumes:
- /lib/modules:/lib/modules
- ./wireguard-config:/config
ports:
- 51820:51820/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped
d. My complete Caddy config:
bitward.daggy.tech:443 {
encode gzip
reverse_proxy /notifications/hub bitwarden:3012
reverse_proxy bitwarden:80 {
header_up X-Real-IP {remote_host}
}
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
imoog.daggy.tech {
reverse_proxy 192.168.1.69:6969
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
qbit.daggy.tech {
reverse_proxy 192.168.1.69:8080
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
sonarr.daggy.tech {
reverse_proxy sonarr:8989
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
radarr.daggy.tech {
reverse_proxy radarr:7878
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
subs.daggy.tech {
reverse_proxy bazarr:6767
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
plex.daggy.tech {
reverse_proxy plex:32400
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
plexstat.daggy.tech {
reverse_proxy tautulli:8181
tls /certs/daggy.tech.pem /certs/daggy.tech.key
}
3. The problem I’m having:
4. Error messages and/or full log output:
no errors explicitly in logs
I get this error Firefox no longer trusts my internal certificate authority used for internal sites on our domain. | Firefox Support Forum | Mozilla Support
5. What I already tried:
- I have tried not specifying my Cloudflare TLS certs and it doesn’t work at all
6. Links to relevant resources:
ip address is my server
Do let me know what I can do!