1. The problem I’m having:
I’ve been running this config for a couple of years now, and for some reason certificates are not renewing. I’ve rolled the DNS key to make sure that wasn’t the issue. Not sure what is going on. Any advice on what to check next?
2. Error messages and/or full log output:
caddy[3806126]: {"level":"error","ts":1680888660.7025175,"logger":"http.handlers.reverse_proxy","msg":"aborting wit
3. Caddy version:
v2.6.4
4. How I installed and ran Caddy:
xcaddy custom build
a. System environment:
Ubuntu
b. Command:
c. Service/unit/compose file:
[Unit]
Description=Caddy Reverse Proxy
After=network.target network-online.target
Requires=network-online.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile --log /etc/caddy/caddy.log
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target
d. My complete Caddy config:
(snip) {
    header {
        # Enable HSTS
        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
        # Referrer Policy retains much of the referrer's usefulness while mitigating the risk of leaking data
        Referrer-Policy "strict-origin-when-cross-origin"
        # Disable FLoC tracking
        Permissions-Policy interest-cohort=()
        # Gets the client's IP address
        X-Real-IP {http.request.remote}
        # Forwards the client's IP
        X-Forwarded-For {remote_host}
        # Stops pages from loading when they detect reflected cross-site scripting attacks
        X-XSS-Protection "1; mode=block"
        # Disable clients from sniffing the media type
        X-Content-Type-Options "nosniff"
        # Clickjacking protection
        X-Frame-Options "DENY"
    }
    tls {
        issuer acme {
            email "My Email Address"
            dns cloudflare "My Cloudflare key"
            resolvers 1.1.1.1 1.0.0.1
        }
    }
    encode zstd gzip
}

test.xtraxtra.com {
    reverse_proxy http://192.168.1.54:9000
    import snip
}