1. My Caddy version (caddy version):
caddy/caddy:latest
2. How I run Caddy:
a. System environment:
Docker container in Portainer on QNAP NAS
b. Command:
caddy file-server --domain cszr.dev
c. Service/unit/compose file:
docker run -d -p 80:80 -p 443:443 \
    -v /share/Valhalla/config/caddy/site/index.html:/usr/share/caddy/index.html \
    -v /share/Valhalla/config/caddy/data:/data \
    -v /share/Valhalla/config/caddy:/config \
    -v /share/Valhalla/config/caddy/caddyfile/Caddyfile:/etc/caddy/Caddyfile \
    caddy/caddy:latest caddy file-server --domain cszr.dev
d. My complete Caddyfile or JSON config:
{
    storage file_system {
        root /etc/caddy
    }
    experimental_http3
}
cszr.dev {
    root * /share/Valhalla/config/caddy/site
    try_files {path}.html {path}
    encode gzip zstd brotli
    file_server
}
www.cszr.dev {
    redir https://cszr.dev
}
3. The problem I’m having:
I am trying (for now) to set up SSL on the domain with Caddy, after which I will redirect my various containers to it (i.e. Sonarr to cszr.dev/sonarr).
4. Error messages and/or full log output:
2020/03/21 00:31:06.365 WARN admin admin endpoint disabled,
2020/03/21 00:31:06.365 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "static", "https_port": 443},
2020/03/21 00:31:06.365 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "static"},
2020/03/21 00:31:06 [INFO][cache:0xc0006bc640] Started certificate maintenance routine,
2020/03/21 00:31:06.365 INFO tls cleaned up storage units,
2020/03/21 00:31:06.366 INFO http enabling automatic TLS certificate management {"domains": ["cszr.dev"]},
2020/03/21 00:31:06.366 INFO autosaved config {"file": "/config/caddy/autosave.json"},
2020/03/21 00:31:06 Caddy 2 serving static files on :443,
2020/03/21 00:31:06 [INFO][cszr.dev] Obtain certificate; acquiring lock...,
2020/03/21 00:31:06 [INFO][cszr.dev] Obtain: Lock acquired; proceeding...,
2020/03/21 00:31:07 [INFO] [cszr.dev] acme: Obtaining bundled SAN certificate given a CSR,
2020/03/21 00:31:07 [INFO][cszr.dev] Waiting on rate limiter...,
2020/03/21 00:31:07 [INFO][cszr.dev] Done waiting,
2020/03/21 00:31:08 [INFO] [cszr.dev] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3474197488,
2020/03/21 00:31:08 [INFO] [cszr.dev] acme: use tls-alpn-01 solver,
2020/03/21 00:31:08 [INFO] [cszr.dev] acme: Trying to solve TLS-ALPN-01,
2020/03/21 00:31:09 http: TLS handshake error from 127.0.0.1:39336: EOF,
2020/03/21 00:31:28 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3474197488,
2020/03/21 00:31:28 [ERROR] acme: Error -> One or more domains had a problem:,
[cszr.dev] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Timeout during connect (likely firewall problem), url: ,
(challenge=tls-alpn-01 remaining=[http-01]),
2020/03/21 00:31:28 [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3474197488,
2020/03/21 00:31:30 [INFO] [cszr.dev] acme: Obtaining bundled SAN certificate given a CSR,
2020/03/21 00:31:31 [INFO] [cszr.dev] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3474202221,
2020/03/21 00:31:31 [INFO] [cszr.dev] acme: Could not find solver for: tls-alpn-01,
2020/03/21 00:31:31 [INFO] [cszr.dev] acme: use http-01 solver,
2020/03/21 00:31:31 [INFO] [cszr.dev] acme: Trying to solve HTTP-01,
2020/03/21 00:31:31 [INFO][cszr.dev] Served key authentication (HTTP challenge)
5. What I already tried:
I am pretty sure my issue is the Caddyfile; I have tried various examples and it simply doesn’t work in any way. Furthermore, I have no idea if I have to recreate the Docker each time I change the Caddyfile or not. I’ve tried simply restarting, recreating, deleting all folders and recreating, and nothing, still. The file is giving me a headache.
6. Links to relevant resources:
This is where I got most of my information, plus some StackOverflow articles and some from here, as well.