Monviech / os-caddy-plugin

Caddy Plugin with GUI for OPNsense

Configuration of HTTP_PORT would be nice #87

Closed GrumpyMeow closed 6 months ago

GrumpyMeow commented 6 months ago

I'm trying to use this plugin. The first thing I'm now running into is that I have to change the port of the OPNsense GUI from port 80 to another port. This is to make the port available for the ACME challenge. I've made this change.

If it would be possible to specify the HTTP_PORT for Caddy, this would be convenient. If this would be possible, I could use the port forward of my modem to forward port 80 to the specified HTTP_PORT.

https://caddyserver.com/docs/json/apps/http/http_port/

Monviech commented 6 months ago

Hello, thanks for trying the plugin.

I've read about this in the documentation, and Caddy will always listen on 80 and 443 for clients. The default ports for clients can't be changed.

The ports have to be free on the OPNsense, since Caddy binds to 0.0.0.0:80, ::80, 0.0.0.0:443, ::443.

https://caddyserver.com/docs/caddyfile/options#http-port

https://caddyserver.com/docs/caddyfile/options#https-port

You don't have to port forward port 80 for the ACME challenge. 443 is enough; it will then automatically use the TLS-ALPN challenge. https://letsencrypt.org/docs/challenge-types/#tls-alpn-01

And if you don't want to port forward any ports to the OPNsense for the ACME Challenge, you can choose a DNS Provider and do the DNS-01 Challenge.
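A pre-flight check for the requirement in the comment above that ports 80 and 443 be free on the firewall, as an added example that is not part of the thread or of the plugin. The function names and status strings are hypothetical; it tries to bind each wildcard address and port pair and reports whether another service already holds it.

```python
import errno
import socket

# The four listeners named in the comment above (IPv4 and IPv6 wildcard).
CADDY_BINDS = [("0.0.0.0", 80), ("::", 80), ("0.0.0.0", 443), ("::", 443)]


def probe(addr, port):
    """Try to bind addr:port and return 'free', 'in use', 'no permission' or 'unsupported'."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    try:
        sock = socket.socket(family, socket.SOCK_STREAM)
    except OSError:
        return "unsupported"  # address family not available on this host
    with sock:
        try:
            if family == socket.AF_INET6:
                # Test the IPv6 wildcard on its own, not as a dual-stack socket.
                sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 1)
            # No SO_REUSEADDR: an existing listener must make the bind fail.
            sock.bind((addr, port))
        except OSError as exc:
            if exc.errno == errno.EADDRINUSE:
                return "in use"  # e.g. the web GUI still listening here
            if exc.errno in (errno.EACCES, errno.EPERM):
                return "no permission"  # ports below 1024 need privileges
            return "unsupported"
    return "free"


def preflight(binds=CADDY_BINDS):
    """Map each (addr, port) pair to its probe status."""
    return {(addr, port): probe(addr, port) for addr, port in binds}


if __name__ == "__main__":
    for (addr, port), status in preflight().items():
        print(f"{addr} port {port}: {status}")
```

Run it with the same privileges the service will have; any pair reported as `in use` has to be released before Caddy can start.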

Monviech commented 6 months ago

Since there are many options to get certificates in Caddy, I will put this on won't fix.