1. Caddy version (caddy version): v2.4.6
2. How I run Caddy:
a. System environment: Windows 10 x64
b. Command:
Caddy Start
c. Service/unit/compose file:
N/A
d. My complete Caddyfile or JSON config:
{
    email me@email.co.uk
}
home.chewie.co.uk {
    encode gzip
    log {
        output file C:\Caddy\logs\access.log {
            roll true # Rotate logs, enabled by default
            roll_size_mb 5 # Set max size 5 MB
            roll_gzip true # Whether to compress rolled files
            roll_local_time true # Use localhost time
            roll_keep 2 # Keep at most 2 log files
            roll_keep_days 7 # Keep log files for 7 days
        }
    }
    # https://radarr.media/
    reverse_proxy /radarr* 127.0.0.1:7878
    # https://sonarr.tv/
    reverse_proxy /sonarr* 127.0.0.1:8989
    # https://bazarr.media
    reverse_proxy /bazarr* 127.0.0.1:6767
    # https://nzbget.net/
    reverse_proxy /nzbget* 127.0.0.1:6789
    # https://transmissionbt.com/
    #reverse_proxy /transmission* 127.0.0.1:9091/gui
    # https://tautulli.com/
    reverse_proxy /tautulli* 127.0.0.1:8181
    # https://hoobs.org
    #reverse_proxy /hoobs* 192.168.0.10:8080
    # https://www.qbittorrent.org
    #reverse_proxy /qbit* 127.0.0.1:8081
}
3. The problem I'm having:
- Caddy is fully accessible on my network and I can successfully access each of the services above from any device on my network
- Caddy is NOT accessible from outside my network
- When running caddy start I get an error stating...
2022/04/19 18:55:20.588 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "home.chewie.co.uk", "challenge_type": "http-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}}
2022/04/19 18:55:20.588 ERROR tls.issuance.acme.acme_client validating authorization {"identifier": "home.chewie.co.uk", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/105195964/81561771440", "attempt": 1, "max_attempts": 3}
- However, I can see that the A record is updated on my Dynamic DNS service
- I do have port 80 and port 443 redirected on my Load Balancer Router, but I am not convinced it is working correctly, or perhaps there is a conflict?
- The reason I think there may be a conflict is because whilst both my WAN modems are in bridge mode, the IP address that is shown for them on my load balancer dashboard is never the same "internet IP address" that is shown when I do "What's my IP etc" in Google.
- I have tried to set the Dynamic DNS to both the two WAN IP addresses, and the "internet IP address" but nothing has worked.
- I even set the Windows machine running Caddy into the router DMZ but it didn't help
- I have QBit Torrent running the web GUI and I can't access that using the home.chewie.co.uk:8081 remotely, but it works internally. This makes me suspect a Dynamic DNS / routing error instead of a Caddy specific error
- Pinging home.chewie.co.uk remotely also results in a timeout error.
- Curl -v also isn't looking great?
curl -v home.chewie.co.uk/radarr
* Trying 100.77.138.223:80...
* Connected to home.chewie.co.uk (100.77.138.223) port 80 (#0)
> GET /radarr HTTP/1.1
> Host: home.chewie.co.uk
> User-Agent: curl/7.79.1
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://home.chewie.co.uk/radarr
< Server: Caddy
< Date: Tue, 19 Apr 2022 18:56:07 GMT
< Content-Length: 0
<
* Closing connection 0
4. Error messages and/or full log output:
C:\Caddy>caddy start
2022/04/19 18:55:17.865 INFO using adjacent Caddyfile
2022/04/19 18:55:17.871 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2022/04/19 18:55:17.872 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0003e42a0"}
2022/04/19 18:55:17.872 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2022/04/19 18:55:17.872 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2022/04/19 18:55:17.873 INFO tls cleaning storage unit {"description": "FileStorage:C:\\Users\\Chewie\\AppData\\Roaming\\Caddy"}
2022/04/19 18:55:17.874 INFO http enabling automatic TLS certificate management {"domains": ["home.chewie.co.uk"]}
2022/04/19 18:55:17.878 INFO autosaved config (load with --resume flag) {"file": "C:\\Users\\Chewie\\AppData\\Roaming\\Caddy\\autosave.json"}
2022/04/19 18:55:17.878 INFO serving initial configuration
Successfully started Caddy (pid=12908) - Caddy is running in the background
2022/04/19 18:55:17.880 INFO tls finished cleaning storage units
C:\Caddy>2022/04/19 18:55:17.887 INFO tls.renew acquiring lock {"identifier": "home.chewie.co.uk"}
2022/04/19 18:55:17.912 INFO tls.renew lock acquired {"identifier": "home.chewie.co.uk"}
2022/04/19 18:55:17.912 INFO tls.renew renewing certificate {"identifier": "home.chewie.co.uk", "remaining": 2555737.0871992}
2022/04/19 18:55:17.913 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["home.chewie.co.uk"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": "dean@chewie.co.uk"}
2022/04/19 18:55:17.913 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["home.chewie.co.uk"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": "dean@chewie.co.uk"}
2022/04/19 18:55:19.379 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "home.chewie.co.uk", "challenge_type": "http-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2022/04/19 18:55:20.588 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "home.chewie.co.uk", "challenge_type": "http-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}}
2022/04/19 18:55:20.588 ERROR tls.issuance.acme.acme_client validating authorization {"identifier": "home.chewie.co.uk", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/105195964/81561771440", "attempt": 1, "max_attempts": 3}
2022/04/19 18:55:22.230 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "home.chewie.co.uk", "challenge_type": "tls-alpn-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2022/04/19 18:55:23.386 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "home.chewie.co.uk", "challenge_type": "tls-alpn-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}}
2022/04/19 18:55:23.388 ERROR tls.issuance.acme.acme_client validating authorization {"identifier": "home.chewie.co.uk", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/105195964/81561780730", "attempt": 2, "max_attempts": 3}
2022/04/19 18:55:24.698 ERROR tls.renew could not get certificate from issuer {"identifier": "home.chewie.co.uk", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/"}
2022/04/19 18:55:24.700 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["home.chewie.co.uk"], "ca": "https://acme.zerossl.com/v2/DV90", "account": "dean@chewie.co.uk"}
2022/04/19 18:55:24.701 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["home.chewie.co.uk"], "ca": "https://acme.zerossl.com/v2/DV90", "account": "dean@chewie.co.uk"}
2022/04/19 18:55:30.213 ERROR http.handlers.reverse_proxy aborting with incomplete response {"error": "http2: stream closed"}
2022/04/19 18:55:30.217 ERROR http.handlers.reverse_proxy aborting with incomplete response {"error": "context canceled"}
2022/04/19 18:55:30.232 ERROR http.handlers.reverse_proxy aborting with incomplete response {"error": "context canceled"}
2022/04/19 18:55:30.251 ERROR http.handlers.reverse_proxy aborting with incomplete response {"error": "context canceled"}
2022/04/19 18:55:32.172 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "home.chewie.co.uk", "challenge_type": "http-01", "ca": "https://acme.zerossl.com/v2/DV90"}
2022/04/19 19:00:39.206 ERROR tls.renew could not get certificate from issuer {"identifier": "home.chewie.co.uk", "issuer": "acme.zerossl.com-v2-DV90", "error": "[home.chewie.co.uk] solving challenges: [home.chewie.co.uk] authorization took too long (order=https://acme.zerossl.com/v2/DV90/order/FOxWQflCs18J1Zp226oYgg) (ca=https://acme.zerossl.com/v2/DV90)"}
2022/04/19 19:00:39.206 ERROR tls.renew will retry {"error": "[home.chewie.co.uk] Renew: [home.chewie.co.uk] solving challenges: [home.chewie.co.uk] authorization took too long (order=https://acme.zerossl.com/v2/DV90/order/FOxWQflCs18J1Zp226oYgg) (ca=https://acme.zerossl.com/v2/DV90)", "attempt": 1, "retrying_in": 60, "elapsed": 321.2946833, "max_duration": 2592000}
2022/04/19 19:01:39.229 INFO tls.renew renewing certificate {"identifier": "home.chewie.co.uk", "remaining": 2555355.7706677}
2022/04/19 19:01:40.838 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "home.chewie.co.uk", "challenge_type": "tls-alpn-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2022/04/19 19:01:42.151 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "home.chewie.co.uk", "challenge_type": "tls-alpn-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}}
2022/04/19 19:01:42.151 ERROR tls.issuance.acme.acme_client validating authorization {"identifier": "home.chewie.co.uk", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}, "order": "https://acme-staging-v02.api.letsencrypt.org/acme/order/16955219/2353910214", "attempt": 1, "max_attempts": 3}
2022/04/19 19:01:43.713 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "home.chewie.co.uk", "challenge_type": "http-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2022/04/19 19:01:44.503 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "home.chewie.co.uk", "challenge_type": "http-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}}
2022/04/19 19:01:44.503 ERROR tls.issuance.acme.acme_client validating authorization {"identifier": "home.chewie.co.uk", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}, "order": "https://acme-staging-v02.api.letsencrypt.org/acme/order/16955219/2353910374", "attempt": 2, "max_attempts": 3}
2022/04/19 19:01:46.324 ERROR tls.renew could not get certificate from issuer {"identifier": "home.chewie.co.uk", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[home.chewie.co.uk] solving challenges: home.chewie.co.uk: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[http-01 dns-01 tls-alpn-01] remaining=[dns-01]) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/16955219/2353910594) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
5. What I already tried:
- Upgraded Caddy to v2.4.6
- Changed multiple settings on the router to utilize a single WAN
- Rechecked port forwarding
- Tried machine in DMZ
- Changed settings in dynamic DNS on the router to use "internet IP" instead of "Wan IP"
- Searched the forum for previous related posts
- It is also worth noting that before switching over to Caddy a couple of years back, I was able to access all the services such as Sonarr etc directly from remote machines. I just don't think it has worked properly with remote access since switching to Caddy.
Any help or advice is appreciated. Thanks
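
Added diagnostic example, not part of the original post: a Python sketch that pairs the hostnames failing ACME validation with a `dns` problem in the Caddy log against the address `curl -v` connected to, and labels that address by whether a validator on the public internet could reach it. The function names are hypothetical, and the sample input is copied from the post's log and curl output. The address curl reached, 100.77.138.223, lies in 100.64.0.0/10 (RFC 6598 shared address space used for carrier-grade NAT), which is consistent with the CA reporting no valid A records even though a record is published.

```python
import ipaddress
import json
import re

# IPv4 blocks that a validator on the public internet cannot route to.
NON_PUBLIC = {
    "10.0.0.0/8": "RFC 1918 private",
    "172.16.0.0/12": "RFC 1918 private",
    "192.168.0.0/16": "RFC 1918 private",
    "100.64.0.0/10": "RFC 6598 carrier-grade NAT",
    "127.0.0.0/8": "loopback",
    "169.254.0.0/16": "link-local",
}

# Sample input copied from the post above (two log lines, two curl -v lines).
LOG = r'''2022/04/19 18:55:20.588 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "home.chewie.co.uk", "challenge_type": "http-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}}
2022/04/19 18:55:23.386 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "home.chewie.co.uk", "challenge_type": "tls-alpn-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "no valid A records found for home.chewie.co.uk; no valid AAAA records found for home.chewie.co.uk", "instance": "", "subproblems": []}}'''
CURL = """* Trying 100.77.138.223:80...
* Connected to home.chewie.co.uk (100.77.138.223) port 80 (#0)"""

def classify(ip):
    """Label an address by reachability from outside the local network."""
    addr = ipaddress.ip_address(ip)
    for cidr, label in NON_PUBLIC.items():
        if addr in ipaddress.ip_network(cidr):
            return label
    return "public" if addr.is_global else "reserved"

def acme_dns_failures(log_text):
    """Map identifier -> challenge types that failed with an ACME dns problem."""
    failed = {}
    for line in log_text.splitlines():
        start = line.find("{")
        if "challenge failed" not in line or start < 0:
            continue
        fields = json.loads(line[start:])  # Caddy appends the fields as JSON
        if fields.get("problem", {}).get("type") == "urn:ietf:params:acme:error:dns":
            failed.setdefault(fields["identifier"], set()).add(fields["challenge_type"])
    return failed

def diagnose(log_text, curl_verbose):
    """Pair each failing hostname with the address curl reached and its class."""
    ips = dict(re.findall(r"\* Connected to (\S+) \(([0-9A-Fa-f.:]+)\) port", curl_verbose))
    return [(host, sorted(kinds), ips.get(host),
             classify(ips[host]) if host in ips else "not seen in curl output")
            for host, kinds in sorted(acme_dns_failures(log_text).items())]

if __name__ == "__main__":
    for row in diagnose(LOG, CURL):
        print(row)
```
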