1. The problem I’m having:
I’m configuring caddy to use the cloudflare DNS-01 challenge. I’ve already built cloudflare using xcaddy with the custom dns module for cloudflare.
2. Error messages and/or full log output:
ERROR tls.obtain could not get certificate from issuer {"identifier": "*.artello.network", "issuer": "acme.zerossl.com-v2-DV90", "error": "[*.artello.network] solving challenges: *.artello.network: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[dns-01] remaining=[dns-01]) (order=https://acme.zerossl.com/v2/DV90/order/7aJU_kELOZlHLRKCqpH0JQ) (ca=https://acme.zerossl.com/v2/DV90)"}
3. Caddy version:
Caddy version 2.7.6
4. How I installed and ran Caddy:
My build script is located here uplink-caddy/instellar.yml at develop · upmaru/uplink-caddy · GitHub
I’m running caddy using
a. System environment:
Alpine linux 3.18
b. Command:
caddy list-modules
Standard modules: 106
cache
caddy.storage.s3
dns.providers.cloudflare
http.handlers.cache
Non-standard modules: 4
c. Service/unit/compose file:
#!/sbin/openrc-run
# shellcheck shell=bash
name="uplink-caddy"
# shellcheck disable=2034
description="uplink-caddy service"
# shellcheck disable=2034
extra_commands="logs"
# shellcheck disable=2034
supervisor="s6"
# shellcheck disable=2034
s6_service_path="${RC_SVCDIR}/s6-scan/uplink-caddy"
logs() {
export HOME=/var/lib/uplink-caddy
cd /var/lib/uplink-caddy
command=/usr/bin/tail
/var/lib/uplink-caddy/bin/env-exec "${command} -f -n 100 /var/log/uplink-caddy/current"
}
depend() {
need net s6-svscan
}
start_pre() {
if [ ! -L "${RC_SVCDIR}/s6-scan/uplink-caddy" ]; then
echo "----- Updating Service files -----"
ln -s "/var/lib/uplink-caddy/service" "${RC_SVCDIR}/s6-scan/uplink-caddy"
fi
}
d. My complete Caddy config:
{
"admin":
{
"identity":
{
"identifiers":
[
"redacted"
],
"issuers":
[
{
"challenges":
{
"dns":
{
"provider":
{
"api_token": "redacted",
"name": "cloudflare"
}
},
"http":
{
"alternate_port": 0,
"disabled": false
},
"tls-alpn":
{
"alternate_port": 0,
"disabled": false
}
},
"module": "acme"
}
]
}
},
"apps":
{
"http":
{
"servers":
{
"uplink":
{
"listen":
[
":443"
],
"listener_wrappers":
[
{
"wrapper": "proxy_protocol"
},
{
"wrapper": "tls"
}
],
"logs":
{
"default_logger_name": "default"
},
"routes":
[
{
"group": "installation_1684",
"handle":
[
{
"handler": "reverse_proxy",
"health_checks":
{
"passive":
{
"fail_duration": "10s",
"max_fails": 3,
"unhealthy_latency": "30s",
"unhealthy_request_count": 80,
"unhealthy_status":
[
500,
501,
502,
503,
504
]
}
},
"load_balancing":
{
"selection_policy":
{
"policy": "least_conn"
}
},
"upstreams":
[
{
"dial": "laraone-19283d62-01:8000",
"max_requests": 100
}
]
}
],
"match":
[
{
"host":
[
"*.artello.network"
],
"path":
[
"*"
]
}
],
"terminal": false
}
]
}
}
}
},
"logging":
{
"logs":
{
"default":
{
"encoder":
{
"format": "console"
},
"writer":
{
"output": "stdout"
}
}
},
"sink":
{
"writer":
{
"output": "discard"
}
}
},
"storage":
{
"access_id": "redacted",
"bucket": "instellar-staging",
"host": "redacted",
"module": "s3",
"prefix": "uplink-1682",
"secret_key": "redacted"
}
}