1. My Caddy version (caddy -version
):
Caddy v1.0.3
2. How I run Caddy:
Caddy is managed by a systemd
unit file, hence it is run by using the systemctl
command.
a. System environment:
Ubuntu 18.04.3 LTS
b. Command:
systemctl start [EDITED_SERVICE_NAME]
systemctl status [EDITED_SERVICE_NAME]
c. Service/unit/compose file:
[Unit]
Description=All that stuff
Documentation=https://caddy.community/top/monthly
Wants=network.target
After=network.target
[Service]
Type=simple
DynamicUser=yes
ExecStart="/usr/local/bin/caddy" "-conf=/home/projects/[EDITED_PATH]"
Restart=always
RestartSec=30
[Install]
WantedBy=multi-user.target
d. My complete Caddyfile:
sub.domain.com {
log stdout
root /home/projects/[EDITED_PATH]
# Change the PHP FPM host and port if you use the non-default
fastcgi / /run/php/php5.6-fpm.sock php {
connect_timeout 1200s
read_timeout 1200s
send_timeout 1200s
}
rewrite / {
if {path} not_starts_with /admin
if {path} not_starts_with /storage
if {path} not_starts_with /extensions
if {path} not_starts_with /thumbnail
to {path} /index.php?{query}
}
limits 400MB
}
sub.domain.com {
log stdout
proxy / localhost:3000
}
3. The problem I’m having:
Whenever I start caddy from out of systemd - it works perfectly.
When I try to run it as a service - it fails to start with Acme 400 error
4. Error messages and/or full log output:
Firstly I’ve tried with additional -agree=true -email=[EMAIL] in unit.
Dec 04 14:28:24 [INSTANCE NAME] systemd[1]: Started Tests systemd to daemonize a server.
Dec 04 14:28:24 [INSTANCE NAME] caddy[2522]: Activating privacy features... 2019/12/04 14:28:24 [INFO] acme: Registering account for [EMAIL]
Dec 04 14:28:24 [INSTANCE NAME] caddy[2522]: 2019/12/04 14:28:24 [INFO] acme: Registering account for [EMAIL]
Dec 04 14:28:24 [INSTANCE NAME] caddy[2522]: 2019/12/04 14:28:24 [INFO] acme: Registering account for [EMAIL]
Dec 04 14:28:24 [INSTANCE NAME] caddy[2522]: 2019/12/04 14:28:24 registration error: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-acct :: urn:ietf:params:acme:error:malformed :: No embedded JWK in JWS header, url:
Dec 04 14:28:24 [INSTANCE NAME] systemd[1]: [SERVICE NAME]: Main process exited, code=exited, status=1/FAILURE
Dec 04 14:28:24 [INSTANCE NAME] systemd[1]: [SERVICE NAME]: Failed with result 'exit-code'.
after I’ve tried same as other my instances run (without -agree=true -email=[EMAIL] in unit)
Dec 04 14:57:57 [INSTANCE NAME] systemd[1]: Started Tests systemd to daemonize a server.
Dec 04 14:57:57 [INSTANCE NAME]caddy[3228]: Activating privacy features...
Dec 04 14:57:57 [INSTANCE NAME] caddy[3228]: Your sites will be served over HTTPS automatically using Let's Encrypt.
Dec 04 14:57:57 [INSTANCE NAME] caddy[3228]: By continuing, you agree to the Let's Encrypt Subscriber Agreement at:
Dec 04 14:57:57 [INSTANCE NAME] caddy[3228]: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Dec 04 14:57:57 [INSTANCE NAME] caddy[3228]: Please enter your email address to signify agreement and to be notified
Dec 04 14:57:57 [INSTANCE NAME] caddy[3228]: in case of issues. You can leave it blank, but we don't recommend it.
Dec 04 14:57:58 [INSTANCE NAME] caddy[3228]: Email address: 2019/12/04 14:57:58 registration error: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-acct :: urn:ietf:params:acme:error:malformed :: No embedded JWK in JWS header, url:
Dec 04 14:57:58 [INSTANCE NAME] systemd[1]: [SERVICE NAME]: Main process exited, code=exited, status=1/FAILURE
Dec 04 14:57:58 [INSTANCE NAME] systemd[1]: [SERVICE NAME]: Failed with result 'exit-code'.
Thing to say: other instances on other server machines run with same settings (different domains but same settings) and they work without any errors.