1. The problem I’m having:
Unable to solve Cloudflare Challenge.
2. Error messages and/or full log output:
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4328673,"logger":"tls.obtain","msg":"lock acquired","identifier":"*.spozorios.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4329467,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"*.spozorios.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4331994,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["*.spozorios.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"zopallen@gmail.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4332275,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["*.spozorios.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"zopallen@gmail.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4334633,"logger":"tls.obtain","msg":"lock acquired","identifier":"spozorios.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.433534,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"spozorios.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.433734,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["spozorios.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"zopallen@gmail.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4337568,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["spozorios.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"zopallen@gmail.com"}
Sep 08 12:44:46 caddy-v2 caddy[1356]: {"level":"info","ts":1694169886.6099792,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"*.spozorios.com","challenge_type":"dns-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Sep 08 12:44:46 caddy-v2 caddy[1356]: {"level":"info","ts":1694169886.7144606,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"spozorios.com","challenge_type":"dns-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
3. Caddy version:
v2.7.4 h1:J8nisjdOxnYHXlorUKXY75Gr6iBfudfoGhrJ8t7/flI=
4. How I installed and ran Caddy:
Debian 12 LXC running on Proxmox 8
- Installed go
- Installed xcaddy using:
apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-xcaddy-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-xcaddy.list
apt update
apt install xcaddy
Built Caddy with the Cloudflare Plugin:
xcaddy build --with github.com/caddy-dns/cloudflare
Moved the executable:
mv caddy /usr/bin/
Created a user:
sudo groupadd --system caddy
sudo useradd --system \
--gid caddy \
--create-home \
--home-dir /var/lib/caddy \
--shell /usr/sbin/nologin \
--comment "Caddy web server" \
caddy
Created systemd service:
# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /var/lib/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /var/lib/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
Created Caddyfile in /var/lib/caddy/Caddyfile
a. System environment:
Proxmox 8 running LXC with Debian 12
b. Command:
service caddy start
d. My complete Caddy config:
{
    # Optional: set root folder for Caddyfile and Certificates
    storage file_system {
        root /var/lib/caddy
    }
    email redacted@gmail.com
}
*.spozorios.com, spozorios.com {
    tls {
        dns cloudflare {redacted}
    }
    # Standard reverse proxy
    @vaultwarden host vaultwarden.spozorios.com
    handle @vaultwarden {
        reverse_proxy 192.168.88.185:8000
    }
}
5. Links to relevant resources:
Thanks in advance.
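An added example, not part of the original post and not Caddy project code: a small triage script that reads journald output like the excerpt above and reports every certificate name whose last TLS record is "trying to solve challenge", meaning the log shows neither success nor an error after the DNS-01 attempt started. The function names are hypothetical, and the sample lines are constructed by shortening the lines quoted in the post.

```python
import json

# Constructed sample: journald lines shortened from the excerpt in the post.
SAMPLE = """\
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4328673,"logger":"tls.obtain","msg":"lock acquired","identifier":"*.spozorios.com"}
Sep 08 12:44:45 caddy-v2 caddy[1356]: {"level":"info","ts":1694169885.4331994,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["*.spozorios.com"]}
Sep 08 12:44:46 caddy-v2 caddy[1356]: {"level":"info","ts":1694169886.6099792,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"*.spozorios.com","challenge_type":"dns-01"}
Sep 08 12:44:46 caddy-v2 caddy[1356]: {"level":"info","ts":1694169886.7144606,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"spozorios.com","challenge_type":"dns-01"}
Sep 08 12:44:46 caddy-v2 systemd[1]: a non-JSON line that must be skipped
"""

def parse_line(line):
    """Return the JSON record that follows the journald prefix, or None."""
    start = line.find("{")
    if start < 0:
        return None
    try:
        rec = json.loads(line[start:])
    except json.JSONDecodeError:
        return None
    return rec if isinstance(rec, dict) else None

def names_in(rec):
    """The excerpt uses 'identifier' (string) in some records, 'identifiers' (list) in others."""
    names = list(rec.get("identifiers") or [])
    if isinstance(rec.get("identifier"), str):
        names.append(rec["identifier"])
    return names

def last_event(log_text):
    """Map each certificate name to its most recent tls.* log record."""
    latest = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not str(rec.get("logger", "")).startswith("tls."):
            continue
        for name in names_in(rec):
            if name not in latest or rec.get("ts", 0) >= latest[name].get("ts", 0):
                latest[name] = rec
    return latest

def stalled_in_challenge(log_text):
    """Names whose last record is the start of a challenge, with nothing logged after it."""
    return {n: r.get("challenge_type") for n, r in last_event(log_text).items()
            if r.get("msg") == "trying to solve challenge"}

if __name__ == "__main__":
    for name, ctype in sorted(stalled_in_challenge(SAMPLE).items()):
        print(f"{name}: no log record after starting {ctype} challenge")
```

Feeding it the full output of `journalctl -u caddy` instead of `SAMPLE` shows whether a later record for the same name ever arrived.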