1. Caddy version (caddy version):
lucaslorentz/caddy-docker-proxy:ci-alpine
2. How I run Caddy:
a. System environment:
Docker
b. Service/unit/compose file:
##_____________________ Caddy [CLOUD/web-proxy]
  caddy:
    container_name: caddy-proxy
    image: lucaslorentz/caddy-docker-proxy:ci-alpine
    restart: always
    networks:
      - web-proxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - $DOCKERDIR/caddy/caddy_data:/data
      - $DOCKERDIR/caddy/config:/config
    volumes_from:
      - nextcloud
    ports:
      - 80:80
      - 443:443
    labels:
      caddy_0: http://adguard.o
      caddy_0.reverse_proxy: host.docker.internal:3000
##
##____________________ NextCloud TESTED V21.0 [CLOUD/Files/NextCloud]
  nextcloud:
    image: nextcloud:fpm-alpine
    container_name: nextcloud
    restart: always
    mem_limit: 2048m
    mem_reservation: 512m
    networks:
      - web-proxy
      - nextcloud
    depends_on:
      - nextcloud-db
      - nextcloud-cache
    environment:
      NEXTCLOUD_DATA_DIR: /var/nextdata
      NEXTCLOUD_TRUSTED_DOMAINS: next.$DOMAIN
      NEXTCLOUD_ADMIN_USER: $ADMIN
      NEXTCLOUD_ADMIN_PASSWORD: $ADMINPW
      POSTGRES_HOST: nextcloud-db
      POSTGRES_DB: nextcloud
      POSTGRES_USER: $USER_INT
      POSTGRES_PASSWORD: $PW_INT
      REDIS_HOST: nextcloud-cache
      #SMTP_HOST: $SMTPHOST
      #SMTP_SECURE: tls
      #SMTP_NAME: $SMTPUSER
      #SMTP_PASSWORD: $SMTPPASS
      #SMTP_FROM_ADDRESS: $EMAIL
      #SMTP_PORT: 587
    volumes:
      - $DOCKERDIR/nextcloud/var/nextdata:/var/nextdata
      - $DOCKERDIR/nextcloud/var/www/html:/var/www/html
      - $DOCKERDIR/nextcloud/var/www/html/config:/var/www/html/config
    labels:
      caddy: next.$DOMAIN
      caddy.tls: $EMAIL
      caddy.file_server: ""
      caddy.root: "* /var/www/html"
      caddy.php_fastcgi: "{{upstreams 9000}}"
      caddy.php_fastcgi.root: "/var/www/html"
      caddy.php_fastcgi.env: "front_controller_active true"
      caddy.encode: gzip
      caddy.redir_0: "/.well-known/carddav /remote.php/dav 301"
      caddy.redir_1: "/.well-known/caldav /remote.php/dav 301"
      caddy.header.Strict-Transport-Security: '"max-age=15768000;includeSubDomains;preload"'
##____________________ NextCloud [CLOUD/Files/NextCloud/database]
  nextcloud-db:
    container_name: nextcloud-db
    image: postgres:12-alpine
    restart: always
    networks:
      - nextcloud
    environment:
      POSTGRES_USER: $USER_INT
      POSTGRES_PASSWORD: $PW_INT
    volumes:
      - $DOCKERDIR/nextcloud/db:/var/lib/postgresql/data
      - /etc/localtime:/etc/localtime:ro
##____________________ NextCloud [CLOUD/Files/NextCloud/cache]
  nextcloud-cache:
    container_name: nextcloud-cache
    image: redis:alpine
    restart: always
    mem_limit: 2048m
    mem_reservation: 512m
    networks:
      - nextcloud
    command: redis-server --requirepass $PW_INT
3. The problem I’m having:
In my browser, when I connect to my domain, the browser shows the following error: SSL_ERROR_INTERNAL_ERROR_ALERT
4. Error messages and/or full log output:
{"level":"error","ts":1658754972.7507286,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"next.maraujo.rio.br","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br","instance":"","subproblems":[]}}
{"level":"error","ts":1658754972.7507784,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"next.maraujo.rio.br","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br","instance":"","subproblems":[]},"order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/62044554/3352707784","attempt":1,"max_attempts":3}
{"level":"info","ts":1658754974.1348803,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"next.maraujo.rio.br","challenge_type":"tls-alpn-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1658754974.757916,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"next.maraujo.rio.br","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br","instance":"","subproblems":[]}}
{"level":"error","ts":1658754974.7579682,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"next.maraujo.rio.br","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br","instance":"","subproblems":[]},"order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/62044554/3352708534","attempt":2,"max_attempts":3}
{"level":"error","ts":1658754974.7580044,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"next.maraujo.rio.br","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:dns - no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br"}
{"level":"info","ts":1658755000.2393863,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"next.maraujo.rio.br","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
{"level":"error","ts":1658755321.2434974,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"next.maraujo.rio.br","issuer":"acme.zerossl.com-v2-DV90","error":"[next.maraujo.rio.br] solving challenges: [next.maraujo.rio.br] authorization took too long (order=https://acme.zerossl.com/v2/DV90/order/6jNX9ze5rsoXq2Jy_uGf6A) (ca=https://acme.zerossl.com/v2/DV90)"}
{"level":"error","ts":1658755321.2435598,"logger":"tls.obtain","msg":"will retry","error":"[next.maraujo.rio.br] Obtain: [next.maraujo.rio.br]
solving challenges: [next.maraujo.rio.br] authorization took too long (order=https://acme.zerossl.com/v2/DV90/order/6jNX9ze5rsoXq2Jy_uGf6A) (ca=https://acme.zerossl.com/v2/DV90)","attempt":5,"retrying_in":600,"elapsed":1754.20402283,"max_duration":2592000}
5. What I already tried:
I tried to register my DNS as follows:
A record @ to myipserver
CNAME record next to maraujo.rio.br
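
Added example (not part of the original post): a small triage script for Caddy's JSON logs that groups failed ACME challenges by name, challenge type and ACME problem type, and flags names where every failure is the `dns` problem type seen above, meaning the CA could not resolve the name during validation. The function names and the trimmed sample lines are assumptions made for this example.

```python
import json
from collections import Counter

DNS_ERROR = "urn:ietf:params:acme:error:dns"  # RFC 8555: DNS query failed during validation

# Lines abbreviated from the log output in the post (empty problem fields trimmed);
# the last entry is deliberately split across two lines (constructed), as a terminal copy can do.
SAMPLE_LOG = r'''
{"level":"error","ts":1658754972.7507286,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"next.maraujo.rio.br","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:dns","detail":"no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br"}}
{"level":"error","ts":1658754974.757916,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"next.maraujo.rio.br","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:dns","detail":"no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br"}}
{"level":"error","ts":1658754974.7580044,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"next.maraujo.rio.br","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:dns - no valid A records found for next.maraujo.rio.br; no valid AAAA records found for next.maraujo.rio.br"}
{"level":"error","ts":1658755321.2434974,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"next.maraujo.rio.br","issuer":"acme.zerossl.com-v2-DV90","error":"[next.maraujo.rio.br] solving challenges: [next.maraujo.rio.br] authorization took too long"}
{"level":"error","ts":1658755321.2435598,"logger":"tls.obtain","msg":"will retry","error":"[next.maraujo.rio.br] Obtain: [next.maraujo.rio.br]
solving challenges: [next.maraujo.rio.br] authorization took too long","attempt":5,"retrying_in":600}
'''

def parse(log_text):
    """Yield decoded JSON log entries, skipping wrapped or truncated lines."""
    for line in log_text.splitlines():
        if not line.lstrip().startswith("{"):
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue  # first half of a wrapped entry

def summarize(log_text):
    """Return (failed-challenge counts, last error per issuer) from error entries."""
    challenges, issuers = Counter(), {}
    for e in parse(log_text):
        if e.get("level") != "error":
            continue
        if e.get("msg") == "challenge failed":
            key = (e.get("identifier"), e.get("challenge_type"), e.get("problem", {}).get("type"))
            challenges[key] += 1
        elif e.get("logger") == "tls.obtain" and "issuer" in e:
            issuers[e["issuer"]] = e.get("error", "")
    return challenges, issuers

def dns_blocked(challenges):
    """Names whose failed challenges all carry the ACME dns problem type."""
    types = {}
    for name, _ctype, ptype in challenges:
        types.setdefault(name, set()).add(ptype)
    return sorted(n for n, t in types.items() if t == {DNS_ERROR})

if __name__ == "__main__":
    failed, issuers = summarize(SAMPLE_LOG)
    print(dict(failed), issuers, dns_blocked(failed), sep="\n")
```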