Your Caddyfile says api.position.group but your logs report errors for a.position.group.
The former has DNS A records, but the latter does not.
The prime suspect when Caddy is logging errors for a site that’s different to your Caddyfile is that Caddy is loading the wrong Caddyfile, or an outdated one.
Ahh, looks like you’ve edited your logs to show the same hostname now.
Just to confirm, what you posted above is the full, unredacted contents of your Caddyfile? And your Caddy host is directly available at 118.25.13.120 (rather than that IP address being a proxy or load balancer etc)?
To be honest, I don’t think I’ve ever had to deal with Error getting validation data. I’m having trouble finding out exactly what circumstances provoke that particular error, but some quick research indicates it can happen when there are strange / nonsensical redirects happening.