search

caddy-dns / duckdns

Caddy module: dns.providers.duckdns
46 stars 11 forks source link

Could not get certificate from issuer #6

Closed Giulianini closed 1 year ago

Giulianini commented 2 years ago

I have reinstalled the os in my raspberry, in the old OS everything is working, when i try to start Caddy in new OS it fails to obtain certificate form issuer. I have generated another duckdns token but the problem is still there. I have also changed the duckdns domain but nothing changed. This is my docker-compose file:

version: '3'

services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    environment:
      - WEBSOCKET_ENABLED=true  # Enable WebSocket notifications.
    volumes:
      - ./vw-data:/data

  caddy:
    image: caddy:2
    container_name: caddy
    restart: always
    ports:
      - 443:443
    volumes:
      - ./caddy:/usr/bin/caddy  # Your custom build of Caddy.
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
    environment:
      - DOMAIN=https://mydomain.duckdns.org           # Your domain.
      - EMAIL=mymail@domain.com                              # The email address to use for ACME registration.
      - DUCKDNS_TOKEN=<<<<<<<token>>>>>>>   # Your Duck DNS token.
      - LOG_FILE=/data/access.log

This is my Caddyfile :

{$DOMAIN}:443 {
  log {
    level INFO
    output file {$LOG_FILE} {
      roll_size 10MB
      roll_keep 10
    }
  }

  # Use the ACME DNS-01 challenge to get a cert for the configured domain.
  tls {
    dns duckdns {$DUCKDNS_TOKEN}
  }

  # This setting may have compatibility issues with some browsers
  # (e.g., attachment downloading on Firefox). Try disabling this
  # if you encounter issues.
  encode gzip

  # Notifications redirected to the WebSocket server
  reverse_proxy /notifications/hub vaultwarden:3012

  # Proxy everything else to Rocket
  reverse_proxy vaultwarden:80
}

Here the error:

"level":"error","ts":1655677023.0840948,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"mydomain.duckdns.org","issuer":"acme-staging-v02.api.letsencrypt.org-directory","error":"[mydomain.duckdns.org] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of _acme-challenge.mydomain.duckdns.org: NS ns2.duckdns.org. returned SERVFAIL for _acme-challenge.mydomain.duckdns.org. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/57962444/2893033054) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}

bee-san commented 1 year ago

I get the same issue

francislavoie commented 1 year ago

@bee-san that's not a helpful comment. Please share additional details. What's your config? What's your DuckDNS domain? What error message are you seeing, exactly?

Without more details, I don't think we can do anything here.