caddy-dns / cloudflare

Caddy module: dns.providers.cloudflare
Apache License 2.0

Code:6111 Message:Invalid format for Authorization header #82

Closed manish181192 closed 1 month ago

manish181192 commented 1 month ago

Can someone help me out?

Jul 22 01:38:54 manish caddy[59901]: {"level":"error","ts":1721637534.632012,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"www.heedgpt.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[www.heedgpt.com] solving challenges: presenting for challenge: adding temporary record for zone \"heedgpt.com.\": got error status: HTTP 400: [{Code:6003 Message:Invalid request headers ErrorChain:[{Code:6111 Message:Invalid format for Authorization header}]}] (order=https://acme-v02.api.letsencrypt.org/acme/order/1850378417/289521343617) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
Jul 22 01:38:54 manish caddy[59901]: {"level":"error","ts":1721637534.6320922,"logger":"tls.obtain","msg":"will retry","error":"[www.heedgpt.com] Obtain: [www.heedgpt.com] solving challenges: presenting for challenge: adding temporary record for zone \"heedgpt.com.\": got error status: HTTP 400: [{Code:6003 Message:Invalid request headers ErrorChain:[{Code:6111 Message:Invalid format for Authorization header}]}] (order=https://acme-v02.api.letsencrypt.org/acme/order/1850378417/289521343617) (ca=https://acme-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":0.567437555,"max_duration":2592000}

This is my Caddyfile:

www.heedgpt.com {
        root * /opt/coldrecs/web
        file_server
        encode zstd gzip
        tls {
                dns cloudflare {env.CF_API_TOKEN}
        }

        handle /api/* {
                reverse_proxy localhost:8000
        }
}

mholt commented 1 month ago

Most likely your CF_API_TOKEN env var does not actually contain your correct API token. (Replace your caddy run command with caddy environ and verify. Or use caddy run --environ)

Will reopen if there ends up being a bug in the library but so far I think it's just an env var missing.

manish181192 commented 1 month ago

Thanks @mholt

I verified that the environment variable is set correctly using caddy environ

LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
BUN_INSTALL=/home/manish/.bun
CF_API_KEY=*****
CF_API_TOKEN=****
_=/usr/bin/caddy

I ran caddy run --environ and I am still getting the same error. :(

2024/07/26 06:01:58.782 INFO    tls finished cleaning storage units
2024/07/26 06:01:58.783 INFO    tls.obtain  lock acquired   {"identifier": "www.heedgpt.com"}
2024/07/26 06:01:58.783 INFO    tls.obtain  obtaining certificate   {"identifier": "www.heedgpt.com"}
2024/07/26 06:01:58.784 INFO    tls.issuance.acme   waiting on internal rate limiter    {"identifiers": ["www.heedgpt.com"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/07/26 06:01:58.784 INFO    tls.issuance.acme   done waiting on internal rate limiter   {"identifiers": ["www.heedgpt.com"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/07/26 06:01:58.784 INFO    tls.issuance.acme   using ACME account  {"account_id": "https://acme-v02.api.letsencrypt.org/acme/acct/1850362407", "account_contact": []}
2024/07/26 06:01:59.192 INFO    tls.issuance.acme.acme_client   trying to solve challenge   {"identifier": "www.heedgpt.com", "challenge_type": "dns-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2024/07/26 06:01:59.580 ERROR   tls.issuance.acme.acme_client   cleaning up solver  {"identifier": "www.heedgpt.com", "challenge_type": "dns-01", "error": "no memory of presenting a DNS record for \"_acme-challenge.www.heedgpt.com\" (usually OK if presenting also failed)"}
2024/07/26 06:01:59.655 ERROR   tls.obtain  could not get certificate from issuer   {"identifier": "www.heedgpt.com", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[www.heedgpt.com] solving challenges: presenting for challenge: adding temporary record for zone \"heedgpt.com.\": got error status: HTTP 400: [{Code:6003 Message:Invalid request headers ErrorChain:[{Code:6111 Message:Invalid format for Authorization header}]}] (order=https://acme-v02.api.letsencrypt.org/acme/order/1850362407/290665660567) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
2024/07/26 06:01:59.655 ERROR   tls.obtain  will retry  {"error": "[www.heedgpt.com] Obtain: [www.heedgpt.com] solving challenges: presenting for challenge: adding temporary record for zone \"heedgpt.com.\": got error status: HTTP 400: [{Code:6003 Message:Invalid request headers ErrorChain:[{Code:6111 Message:Invalid format for Authorization header}]}] (order=https://acme-v02.api.letsencrypt.org/acme/order/1850362407/290665660567) (ca=https://acme-v02.api.letsencrypt.org/directory)", "attempt": 1, "retrying_in": 60, "elapsed": 0.871626356, "max_duration": 2592000}

manish181192 commented 1 month ago

I tried caddy environ and this had the environment variable, but sudo caddy environ didn't have the token.

This worked for me: CF_API_TOKEN=$CF_API_TOKEN caddy run

I added the token in the system service file. It works now.

mholt commented 1 month ago

caddy environ may show the environment variable even if the way you're actually running Caddy can't see it. You need to replace your Caddy command, however you're running it (a script, a systemd service, etc.), with caddy environ to see the result. Or better yet, just add --environ to the command you're running. If you run it as your user to check but are actually running it as a system service, you'll get different results.
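
The mismatch discussed in this thread (a variable visible in the user's shell but not in the process that actually runs Caddy) can be checked without printing the secret. The following is an added example, not code from the thread or from the Caddy project: the function name env_var_state and the sample files are constructed for illustration, and the input is assumed to be in the NUL-separated format of /proc/<pid>/environ on Linux.

```shell
#!/bin/sh
# Added example: report whether a variable is present in a process
# environment dump WITHOUT echoing its value (it is a credential).
# Input format: NUL-separated KEY=VALUE pairs, as in /proc/<pid>/environ.

# env_var_state FILE NAME -> prints "set", "empty" or "missing"
env_var_state() {
    file=$1
    name=$2
    # NUL -> newline, then match the exact "NAME=" prefix so that
    # CF_API_TOKEN does not match e.g. CF_API_TOKEN_OLD.
    line=$(tr '\0' '\n' < "$file" | grep -m1 "^${name}=") || {
        echo missing
        return 0
    }
    value=${line#*=}
    if [ -z "$value" ]; then
        echo empty      # defined but blank: the API still gets no token
    else
        echo set
    fi
}

# --- Constructed sample data (not real tokens) ---
SAMPLE_DIR=$(mktemp -d)
# Interactive shell of the user: token exported in a profile file.
printf 'PATH=/usr/bin\000CF_API_TOKEN=constructed-placeholder\000' \
    > "$SAMPLE_DIR/user.environ"
# Service / sudo context: the user's exports are not inherited.
printf 'PATH=/usr/bin\000HOME=/root\000CF_API_TOKEN_OLD=x\000' \
    > "$SAMPLE_DIR/service.environ"
# Variable defined but empty, e.g. a unit file line with nothing after "=".
printf 'PATH=/usr/bin\000CF_API_TOKEN=\000' > "$SAMPLE_DIR/empty.environ"

for ctx in user service empty; do
    printf '%-8s CF_API_TOKEN is %s\n' "$ctx" \
        "$(env_var_state "$SAMPLE_DIR/$ctx.environ" CF_API_TOKEN)"
done

# On a real host, point the function at the running process instead
# (needs root or the same user as the process):
#   env_var_state /proc/<pid>/environ CF_API_TOKEN
```

Only the "set" result means the running process has a value to send; "missing" and "empty" both point back at how the service is started rather than at the token itself.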