Unable to access app via command-line or systemd service file

Help
1

1. Caddy version (caddy version):

2.3.0

2. How I run Caddy:

a. System environment:

#root@miscx:/# which caddy
/usr/bin/caddy

#root@miscx:/# whereis caddy
caddy: /usr/bin/caddy /etc/caddy /usr/share/caddy

#root@miscx:/etc/default# uname -a
Linux miscx 5.4.0-65-generic #73-Ubuntu SMP Mon Jan 18 17:25:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

#root@miscx:/# cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

b. Command:

#directly
caddy reverse-proxy --from caddy-test.duckdns.org --to 127.0.0.1:8096

#via systemctl
sudo systemctl daemon-reload && sudo systemctl start caddy.service

c. Service/unit/compose file:

root@miscx:/# cat /etc/systemd/system/caddy.service
[Unit]
Description=Caddy web server
After=network-online.target

[Service]
User=caddy
Group=caddy
Type=exec

ExecStart=/usr/bin/caddy run -config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload -config /etc/caddy/Caddyfile
ExecStop=/usr/bin/caddy stop

#Restart=always
RestartSec=15

LimitNOFILE=1048576
LimitNPROC=512

PrivateTmp=true
PrivateDevices=true
ProtectHome=true
ProtectSystem=strict
ReadWritePaths=/etc/caddy/.local /etc/caddy/.config /var/log

CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

{
    email myemail@gmail.com
}


caddy-test.duckdns.org {
    reverse_proxy 127.0.0.1:8096
#    reverse_proxy 157.xx.xxx.xx:8096
}

3. The problem I’m having:

After installing caddy, and setting up caddy.service and Caddyfile as above, I ran sudo systemctl daemon-reload && sudo systemctl start caddy.service.

I am not able to access the app through the domain caddy-test.duckdns.org. I am getting “ERR_EMPTY_RESPONSE”. Is this something on duckdns side or something in my caddy setup?

4. Error messages and/or full log output:

#root@miscx:/# sudo systemctl status caddy
â—Ź caddy.service - Caddy web server
     Loaded: loaded (/etc/systemd/system/caddy.service; disabled; vendor preset: enabled)
     Active: active (running) since Fri 2021-02-12 21:48:51 CET; 10s ago
   Main PID: 3517 (caddy)
      Tasks: 7 (limit: 4567)
     Memory: 10.2M
     CGroup: /system.slice/caddy.service
             └─3517 /usr/bin/caddy run -config /etc/caddy/Caddyfile

Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3304942,"logger":"admin","msg":"admin endpoint st>
Feb 12 21:48:51 miscx caddy[3517]: {"level":"error","ts":1613162931.3309324,"logger":"tls","msg":"migrating certific>
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3310163,"logger":"http","msg":"server is listenin>
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.331077,"logger":"http","msg":"enabling automatic >
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3317883,"logger":"http","msg":"enabling automatic>
Feb 12 21:48:51 miscx caddy[3517]: {"level":"error","ts":1613162931.3321085,"msg":"unable to autosave config","file">
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3321378,"msg":"serving initial configuration"}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3331678,"logger":"tls","msg":"cleaned up storage >
Feb 12 21:48:51 miscx caddy[3517]: {"level":"error","ts":1613162931.3332756,"logger":"tls","msg":"job failed","error>
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3335195,"logger":"tls.cache.maintenance","msg":"s>

#root@miscx:/# journalctl -xef -u caddy.service
Feb 12 21:48:51 miscx systemd[1]: Starting Caddy web server...
-- Subject: A start job for unit caddy.service has begun execution
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit caddy.service has begun execution.
--
-- The job identifier is 1146.
Feb 12 21:48:51 miscx systemd[1]: Started Caddy web server.
-- Subject: A start job for unit caddy.service has finished successfully
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit caddy.service has finished successfully.
--
-- The job identifier is 1146.
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.32768,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3304942,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"error","ts":1613162931.3309324,"logger":"tls","msg":"migrating certificates","error":"making new certs directory: mkdir /var/lib/caddy/.local/share/caddy/certificates/acme-staging-v02.api.letsencrypt.org-directory: read-only file system"}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3310163,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.331077,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3317883,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["caddy-test.duckdns.org"]}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"error","ts":1613162931.3321085,"msg":"unable to autosave config","file":"/var/lib/caddy/.config/caddy/autosave.json","error":"open /var/lib/caddy/.config/caddy/autosave.json: read-only file system"}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3321378,"msg":"serving initial configuration"}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3331678,"logger":"tls","msg":"cleaned up storage units"}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"error","ts":1613162931.3332756,"logger":"tls","msg":"job failed","error":"caddy-test.duckdns.org: obtaining certificate: failed storage check: open /var/lib/caddy/.local/share/caddy/rw_test_6846998850455003241: read-only file system - storage is probably misconfigured"}
Feb 12 21:48:51 miscx caddy[3517]: {"level":"info","ts":1613162931.3335195,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0002d5180"}

Note: This setup is on a hetzner server and I can access the app at 157.xx.xxx.xx:8096

Also, is there a way to fully remove caddy and all related files for a fresh start?

2

Yeah there’s clearly a problem here, Caddy isn’t able to write to its storage locations.

How did you install Caddy exactly? Did you use these instructions?

3

Thank you for the reply.

Yes, I installed using those instructions. I was trying a lot of things while trying to get the caddy.service file to work and may have messed something up (hence trying to find a way to remove caddy and related files to try and start over). I tried sudo apt remove caddy and reinstall but some files remained after removing.

4

Well, the relevant paths that Caddy attempts to write to are:

/var/lib/caddy/.local/share/caddy
/var/lib/caddy/.config/caddy

You can clear these out I suppose. But something on your system must be misconfigured such that those are not writable.

5

I removed autosave.json file from /var/lib/caddy/.config/caddy and acme, certificates, locks folders from /var/lib/caddy/.local/share/caddy

#root@miscx:/# systemctl status caddy
â—Ź caddy.service - Caddy web server
     Loaded: loaded (/etc/systemd/system/caddy.service; disabled; vendor preset: enabled)
     Active: active (running) since Sat 2021-02-13 02:20:09 CET; 1min 5s ago
   Main PID: 30534 (caddy)
      Tasks: 8 (limit: 4567)
     Memory: 9.5M
     CGroup: /system.slice/caddy.service
             └─30534 /usr/bin/caddy run -config /etc/caddy/Caddyfile

Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8412902,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8464084,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["127.0.0.1:2019","localhost:2019","[::1]:2019"]}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8473897,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port>
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8477669,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.849897,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["caddy-test.duckdns.org"]}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"error","ts":1613179209.8503988,"msg":"unable to autosave config","file":"/var/lib/caddy/.config/caddy/autosave.json","error":"open /var/lib/caddy/.config/caddy/autosave.json: read-only file >
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8506467,"msg":"serving initial configuration"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"error","ts":1613179209.851278,"logger":"tls","msg":"job failed","error":"caddy-test.duckdns.org: obtaining certificate: failed storage check: open /var/lib/caddy/.local/share/caddy/rw_test_6>
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8517025,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00025ad20"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.85197,"logger":"tls","msg":"cleaned up storage units"}

#journalctl -xef -u caddy.service
Feb 13 02:20:09 miscx systemd[1]: Starting Caddy web server...
-- Subject: A start job for unit caddy.service has begun execution
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit caddy.service has begun execution.
--
-- The job identifier is 1771.
Feb 13 02:20:09 miscx systemd[1]: Started Caddy web server.
-- Subject: A start job for unit caddy.service has finished successfully
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit caddy.service has finished successfully.
--
-- The job identifier is 1771.
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8412902,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8464084,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["127.0.0.1:2019","localhost:2019","[::1]:2019"]}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8473897,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8477669,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.849897,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["caddy-test.duckdns.org"]}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"error","ts":1613179209.8503988,"msg":"unable to autosave config","file":"/var/lib/caddy/.config/caddy/autosave.json","error":"open /var/lib/caddy/.config/caddy/autosave.json: read-only file system"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8506467,"msg":"serving initial configuration"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"error","ts":1613179209.851278,"logger":"tls","msg":"job failed","error":"caddy-test.duckdns.org: obtaining certificate: failed storage check: open /var/lib/caddy/.local/share/caddy/rw_test_6147453169217434570: read-only file system - storage is probably misconfigured"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.8517025,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00025ad20"}
Feb 13 02:20:09 miscx caddy[30534]: {"level":"info","ts":1613179209.85197,"logger":"tls","msg":"cleaned up storage units"}

What do you recommend I should do? Is there a way to reset caddy?

6

It’s not a problem with Caddy, it’s a problem with your filesystem. That error message is pretty clear about that.

7

I guess I’ll have to destroy the instance and start over. Thank you for the help!

8

@xtrandom Your unit file posted above diverges from our officially recommended one:

That is probably what broke your install. Please use the recommended unit file unless you know what you’re doing. :slight_smile: Thanks!

9

I created a fresh instance and installed caddy using the instructions above.

caddy.service does not exist, which is fine atm:

root@miscx:/# cat /etc/systemd/system/caddy.service
cat: /etc/systemd/system/caddy.service: No such file or directory

Here is my Caddyfile now:

{
	email validEmail@gmail.com
}

caddy-test.duckdns.org {
	reverse_proxy 127.0.0.1:8096
	tls validEmail@gmail.com
}

root@miscx:/etc/caddy# systemctl status caddy
â—Ź caddy.service - Caddy
     Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2021-02-13 05:15:00 CET; 10s ago
       Docs: https://caddyserver.com/docs/
   Main PID: 25565 (caddy)
      Tasks: 7 (limit: 4567)
     Memory: 15.1M
     CGroup: /system.slice/caddy.service
             └─25565 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4332795,"logger":"tls.obtain","msg":"acquiring lock","identifier":"caddy-test.duckdns.org"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.433472,"logger":"tls.obtain","msg":"lock acquired","identifier":"caddy-test.duckdns.org"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4365852,"logger":"tls","msg":"cleaned up storage units"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4369862,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0001c8fc0"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4463885,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["caddy-test.duckdns.org"]}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.446621,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["caddy-test.duckdns.org"]}
Feb 13 05:15:01 miscx caddy[25565]: {"level":"info","ts":1613189701.4647207,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"caddy-test.duckdns.org","challenge_type":"tls-alpn-01","ca":"https://ac>
Feb 13 05:15:02 miscx caddy[25565]: {"level":"error","ts":1613189702.0060773,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"caddy-test.duckdns.org","challenge_type":"tls-alpn-01","status_code":400,"probl>
Feb 13 05:15:02 miscx caddy[25565]: {"level":"error","ts":1613189702.0061266,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"caddy-test.duckdns.org","error":"authorization failed: HTTP 400 urn:iet>
Feb 13 05:15:04 miscx caddy[25565]: {"level":"error","ts":1613189704.2034595,"logger":"tls.obtain","msg":"will retry","error":"[caddy-test.duckdns.org] Obtain: [caddy-test.duckdns.org] creating new order: request to https://acme-v02.api>

Feb 13 05:15:00 miscx systemd[1]: Started Caddy.
-- Subject: A start job for unit caddy.service has finished successfully
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit caddy.service has finished successfully.
--
-- The job identifier is 2021.
Feb 13 05:15:00 miscx caddy[25565]: caddy.HomeDir=/var/lib/caddy
Feb 13 05:15:00 miscx caddy[25565]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Feb 13 05:15:00 miscx caddy[25565]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Feb 13 05:15:00 miscx caddy[25565]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Feb 13 05:15:00 miscx caddy[25565]: caddy.Version=v2.3.0
Feb 13 05:15:00 miscx caddy[25565]: runtime.GOOS=linux
Feb 13 05:15:00 miscx caddy[25565]: runtime.GOARCH=amd64
Feb 13 05:15:00 miscx caddy[25565]: runtime.Compiler=gc
Feb 13 05:15:00 miscx caddy[25565]: runtime.NumCPU=2
Feb 13 05:15:00 miscx caddy[25565]: runtime.GOMAXPROCS=2
Feb 13 05:15:00 miscx caddy[25565]: runtime.Version=go1.15.6
Feb 13 05:15:00 miscx caddy[25565]: os.Getwd=/
Feb 13 05:15:00 miscx caddy[25565]: LANG=en_US.UTF-8
Feb 13 05:15:00 miscx caddy[25565]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Feb 13 05:15:00 miscx caddy[25565]: HOME=/var/lib/caddy
Feb 13 05:15:00 miscx caddy[25565]: LOGNAME=caddy
Feb 13 05:15:00 miscx caddy[25565]: USER=caddy
Feb 13 05:15:00 miscx caddy[25565]: INVOCATION_ID=c931e33e621344afa30a2dc116bbc928
Feb 13 05:15:00 miscx caddy[25565]: JOURNAL_STREAM=9:63379
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4306173,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.43213,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4323692,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4323843,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4327254,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["caddy-test.duckdns.org"]}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4329772,"msg":"autosaved config","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4329858,"msg":"serving initial configuration"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4332795,"logger":"tls.obtain","msg":"acquiring lock","identifier":"caddy-test.duckdns.org"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.433472,"logger":"tls.obtain","msg":"lock acquired","identifier":"caddy-test.duckdns.org"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4365852,"logger":"tls","msg":"cleaned up storage units"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4369862,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0001c8fc0"}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.4463885,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["caddy-test.duckdns.org"]}
Feb 13 05:15:00 miscx caddy[25565]: {"level":"info","ts":1613189700.446621,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["caddy-test.duckdns.org"]}
Feb 13 05:15:01 miscx caddy[25565]: {"level":"info","ts":1613189701.4647207,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"caddy-test.duckdns.org","challenge_type":"tls-alpn-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Feb 13 05:15:02 miscx caddy[25565]: {"level":"error","ts":1613189702.0060773,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"caddy-test.duckdns.org","challenge_type":"tls-alpn-01","status_code":400,"problem_type":"urn:ietf:params:acme:error:connection","error":"Error getting validation data"}
Feb 13 05:15:02 miscx caddy[25565]: {"level":"error","ts":1613189702.0061266,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"caddy-test.duckdns.org","error":"authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - Error getting validation data","order":"https://acme-v02.api.letsencrypt.org/acme/order/112611024/7876812739","attempt":1,"max_attempts":3}
Feb 13 05:15:04 miscx caddy[25565]: {"level":"error","ts":1613189704.2034595,"logger":"tls.obtain","msg":"will retry","error":"[caddy-test.duckdns.org] Obtain: [caddy-test.duckdns.org] creating new order: request to https://acme-v02.api.letsencrypt.org/acme/new-order failed after 1 attempts: HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ (ca=https://acme-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":3.769979029,"max_duration":2592000}

Still doesn’t seem to work. I have provided the email in the Caddyfile, so cert shouldn’t error, correct?

10

Yeah, the service file that ships with the debian package is actually in /lib/systemd/system/caddy.service, and the /etc path is your overrides for it.

Well, at this point you’ve hit rate limits so you’re stuck.

Are you sure you have ports 80 and 443 open and publicly accessible to your server? Does the DNS point to the correct IP address of your server?

If so, then, due to a bug with 2.3.0 (already fixed in the master branch), if you remove your tls <email> line, Caddy will attempt to get a certificate from ZeroSSL instead, since you’ve been rate limited by Let’s Encrypt. The known bug is causing an email being configured to incorrectly disable the zerossl issuer which should be enabled by default. An email is optional, so you can just skip that for now.

11

That was the issue. Thank you so much for the help!

1 Like
12

This topic was automatically closed after 30 days. New replies are no longer allowed.