I am trying to set up a reverse proxy with LE SSL but the box I am using I don’t have root access. I’ve pulled down the latest version of CaddyServer for the linux box and it will launch. It can’t get access to port 80 or 443 which makes sense since it can’t access root and those ports are probably tied up anyway.
Based on what I have read I cannot ask Caddy to verify ownership of the domain using different ports so I think I have to use the Cloudflare addon but I am not sure how to pass my credentials to the Caddy Server. Are they to be included as arguments when I am running ./Caddy?
Yes, that is the tls directive, it goes in your Caddyfile under the site you want to use DNS validation for. The dns subdirective tells Caddy which DNS provider it is going to use to set the acme-challenge TXT record.
The top-level item of a Caddyfile must always be a site label. You’ve moved your tls directive outside of the site definition block, so Caddy has interpreted “tls” as the name of another site, with dns as a directive (which doesn’t exist, hence the error).
Instead, move tls directly under the site you want to use it for:
Environmental variables are not something you set using Caddy, but rather a function of the operating system, and possibly the init/supervisor system, of the host you’re running Caddy on.
Here’s a good run-down, which includes examples for different operating systems:
Ah, an environment variable. I think I understand a little more now. Going to reach out to my host now for help on that one.
Obviously running this without root is less than ideal but if I can get this to work it will be fantastic. Hopefully this thread helps people in future with a similar issue.
Just to be unambiguous, when I refer to the host you’re running Caddy on, I mean the machine or instance (the “box”), not the service provider themselves. If you ask your provider, they will likely point you at some documentation on how to set the variables yourself.
I understand but thanks for clarifying. My host (the company) are very helpful and I assume they will point me to some documentation but I have no issue with that as it gives me something to move on with.
My host support suggested to set the environment variables in ~/.bashrc so I did the following:
nano ~/.bashrc
Added these two lines (the real file has the real details I just modified for the sake of a public forum)
CLOUDFLARE_EMAIL=abc
CLOUDFLARE_API_KEY=123
I logged out and back in just in case but it doesn’t work. Also I ran:
echo $CLOUDFLARE_EMAIL
This came back with the correct email address but if I run caddy I get this:
Activating privacy features…2017/12/21 02:44:44 CloudFlare credentials missing
I have no doubt missed something but I cannot see what that is, sorry. If you want me to send you anything that’s fine but with API keys it will need to be via a private method please.
Remember that your .bashrc is only sourced when you run a non-login shell as your user. Running Caddy as a service, for example, wouldn’t source this file.
I have a working reverse proxy secured by SSL on a box I don’t have root access to. I need to work out how to make it work in screen but that’s something else.
Thank you for your patience and help. I am going to do up a guide for the host I use so other users can make use of this great software.
Doesn’t seem like there is a donation link which is ok but I was hoping to send you some beer/chocolate money.
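Added example, not part of the thread: a variable assigned without `export` shows up in `echo` but not in the environment of programs started from that shell, which matches the symptom reported above (the thread does not say what the eventual fix was). The sketch below shows the difference and loads the two credentials from a file that only the owner can read; the helper names `child_sees` and `load_env_file` are hypothetical and the values are constructed.

```shell
#!/bin/sh
# Added example: variable names follow the thread, values are constructed.

# Succeeds only if a child process finds the named variable in its environment.
child_sees() {
    env | grep "^$1=" >/dev/null
}

# Export every KEY=value line of a file, refusing files that group or other
# users can access, since the file holds an API key.
# Pass a path containing a slash so "." does not search PATH.
load_env_file() {
    [ -f "$1" ] || { echo "no such file: $1" >&2; return 1; }
    perms=$(ls -ld "$1" | cut -c5-10)      # group and other permission bits
    if [ "$perms" != "------" ]; then
        echo "refusing $1: chmod 600 it first" >&2
        return 1
    fi
    set -a                                  # auto-export assignments
    . "$1"
    set +a
}

demo() {
    unset CLOUDFLARE_EMAIL CLOUDFLARE_API_KEY
    CLOUDFLARE_EMAIL=abc                    # plain assignment, no export
    echo "shell sees: $CLOUDFLARE_EMAIL"
    child_sees CLOUDFLARE_EMAIL || echo "child process does not see it"
    unset CLOUDFLARE_EMAIL

    envfile=$(mktemp)                       # created with mode 600
    printf 'CLOUDFLARE_EMAIL=abc\nCLOUDFLARE_API_KEY=123\n' > "$envfile"
    if load_env_file "$envfile" && child_sees CLOUDFLARE_API_KEY; then
        echo "child process sees the credentials"
    fi
    rm -f "$envfile"
}
demo
```

Anything started from the same shell after `load_env_file` succeeds, including `./caddy`, inherits the exported variables.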