How to reverse proxy with caddy, tailscale and docker ?
Hello all, I’m taking my first steps in the realm of self-hosting and am learning as I go. I have a VM running ubuntu and I got it connected to tailscale network to fend off unwanted visitors. I also have discovered Docker and am using it to deploy two web applications: FreshRSS and Podfetch. I can deploy them through Docker and they both have their own ports which I can access through ipadrress:portnumber
URL in my webbrowser. But, the connection is unsecured over HTTP. I’d like to take it a step further in order to make the connections go over HTTPS.
I thought to use Caddy to make a reverse proxy as it is supposed to have good support with Tailscale but I’m not being particularly successful. I can connect to the individual applications (FreshRSS, PodFetch) by using the given tailscale DNS name (machine.domain.ts.net) and port directly in the browsers URL, but going to the machine.domain.ts.net does only yield in a connection error.
I’ve attached the stdout from running Caddy, my spidersense is telling it is something to do with getting a cert from letsencrypt. Over at tailscale admin, I’ve ensured I have a tailnet name, MagicDNS and HTTPS certificates enabled.
Here’s some relevant information, Caddy log file is at the end.
Thanks in advance
EDIT: solution to my problem at the end of this post.
sudo docker ps
<span style="color:#323232;">CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
</span><span style="color:#323232;">
</span><span style="color:#323232;">86a72dbd2686 samuel19982/podfetch:latest "./podfetch" 20 minutes ago Up 18 minutes 0.0.0.0:8480->8000/tcp, :::8480->8000/tcp podfetch_podfetch_1
</span><span style="color:#323232;">
</span><span style="color:#323232;">a7dae64308f9 caddy:latest "caddy run --config …" 25 hours ago Up 17 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 443/udp, 2019/tcp caddy
</span><span style="color:#323232;">
</span><span style="color:#323232;">141bbf69ad62 freshrss/freshrss "./Docker/entrypoint…" 2 months ago Up 2 months 0.0.0.0:8080->80/tcp, :::8080->80/tcp freshrss
</span>
Current Caddyfile:
<span style="color:#323232;">machine.domain.ts.net
</span><span style="color:#323232;">
</span><span style="color:#323232;">respond "hello"
</span><span style="color:#323232;">file_server
</span>
docker-compose.yml for Caddy
<span style="color:#63a35c;">version</span><span style="color:#323232;">: </span><span style="color:#183691;">"3"
</span><span style="color:#323232;">
</span><span style="color:#63a35c;">services</span><span style="color:#323232;">:
</span><span style="color:#323232;"> </span><span style="color:#63a35c;">caddy</span><span style="color:#323232;">:
</span><span style="color:#323232;"> </span><span style="color:#63a35c;">image</span><span style="color:#323232;">: </span><span style="color:#183691;">caddy:latest
</span><span style="color:#323232;"> </span><span style="color:#63a35c;">container_name</span><span style="color:#323232;">: </span><span style="color:#183691;">caddy
</span><span style="color:#323232;"> </span><span style="color:#63a35c;">restart</span><span style="color:#323232;">: </span><span style="color:#183691;">always
</span><span style="color:#323232;"> </span><span style="color:#63a35c;">ports</span><span style="color:#323232;">:
</span><span style="color:#323232;"> - </span><span style="color:#183691;">"80:80"
</span><span style="color:#323232;"> - </span><span style="color:#183691;">"443:443"
</span><span style="color:#323232;"> </span><span style="color:#63a35c;">volumes</span><span style="color:#323232;">:
</span><span style="color:#323232;"> - </span><span style="color:#183691;">/home/ubuntu/caddy/caddy_data:/data
</span><span style="color:#323232;"> - </span><span style="color:#183691;">/home/ubuntu/caddy/caddy_config:/config
</span><span style="color:#323232;"> - </span><span style="color:#183691;">/home/ubuntu/caddy/Caddyfile:/etc/caddy/Caddyfile
</span>
log output from running sudo docker-compose up
in the directory where docker-compose.yml is located
<span style="color:#323232;">Starting caddy ... done
</span><span style="color:#323232;">
</span><span style="color:#323232;">Attaching to caddy
</span><span style="color:#323232;">
</span><span style="color:#323232;">caddy | {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0689287</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"using provided configuration",</span><span style="font-weight:bold;color:#183691;">"config_file"</span><span style="color:#323232;">:"/etc/caddy/Caddyfile",</span><span style="font-weight:bold;color:#183691;">"config_adapter"</span><span style="color:#323232;">:"caddyfile"}
</span><span style="color:#323232;">
</span><span style="color:#323232;">caddy | {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"warn",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0720005</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"Caddyfile input is not formatted; run 'caddy fmt --overwrite' to fix inconsistencies",</span><span style="font-weight:bold;color:#183691;">"adapter"</span><span style="color:#323232;">:"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddyfile</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">file</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">/etc/caddy/Caddyfile</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">line</span><span style="color:#323232;">":9} </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0762668</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"admin",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"admin endpoint started",</span><span style="font-weight:bold;color:#183691;">"address"</span><span style="color:#323232;">:"localhost:2019",</span><span style="font-weight:bold;color:#183691;">"enforce_origin"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">false</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"origi</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ns</span><span style="font-weight:bold;color:#183691;">":["</span><span style="font-style:italic;color:#969896;">//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">{</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0775971</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http.auto_https",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"enabling automatic HTTP->HTTPS redirects",</span><span style="font-weight:bold;color:#183691;">"server_name"</span><span style="color:#323232;">:"srv0"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.077673</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http.auto_https",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"server is listening only on the HTTPS port but has no TLS connection po</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">licies;</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">adding</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">one</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">to</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">enable</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">TLS</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">server_name</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">srv</span><span style="color:#0086b3;">1</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">https_port</span><span style="color:#323232;">":443} </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.077703</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http.auto_https",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"enabling automatic HTTP->HTTPS redirects",</span><span style="font-weight:bold;color:#183691;">"server_name"</span><span style="color:#323232;">:"srv1"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.07822</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"enabling HTTP/3 listener",</span><span style="font-weight:bold;color:#183691;">"addr"</span><span style="color:#323232;">:":2016"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0783753</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">).</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">See</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">https:</span><span style="font-style:italic;color:#969896;">//github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details."}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0794368</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http.log",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"server running",</span><span style="font-weight:bold;color:#183691;">"name"</span><span style="color:#323232;">:"srv0",</span><span style="font-weight:bold;color:#183691;">"protocols"</span><span style="color:#323232;">:["h1","h2","h3"]}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.079528</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"enabling HTTP/3 listener",</span><span style="font-weight:bold;color:#183691;">"addr"</span><span style="color:#323232;">:":443"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.079708</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http.log",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"server running",</span><span style="font-weight:bold;color:#183691;">"name"</span><span style="color:#323232;">:"srv1",</span><span style="font-weight:bold;color:#183691;">"protocols"</span><span style="color:#323232;">:["h1","h2","h3"]}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0798655</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http.log",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"server running",</span><span style="font-weight:bold;color:#183691;">"name"</span><span style="color:#323232;">:"remaining_auto_https_redirects",</span><span style="font-weight:bold;color:#183691;">"protocols"</span><span style="color:#323232;">:["h1","h2</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">h</span><span style="color:#0086b3;">3</span><span style="color:#323232;">"]} </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0800827</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"autosaved config (load with --resume flag)",</span><span style="font-weight:bold;color:#183691;">"file"</span><span style="color:#323232;">:"/config/caddy/autosave.json"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0801237</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"serving initial configuration"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0802798</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.cache.maintenance",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"started background certificate maintenance",</span><span style="font-weight:bold;color:#183691;">"cache"</span><span style="color:#323232;">:"0xc00032950</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="color:#0086b3;">0</span><span style="color:#323232;">"} </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.080402</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"cleaning storage unit",</span><span style="font-weight:bold;color:#183691;">"description"</span><span style="color:#323232;">:"FileStorage:/data/caddy"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499456.0843327</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"finished cleaning storage units"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">********************</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">*****</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">Connection</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">to</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">is</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">made</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">here</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">********************</span><span style="color:#323232;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"warn",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.27926</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"http",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"could not get status; will try to get certificate anyway",</span><span style="font-weight:bold;color:#183691;">"error"</span><span style="color:#323232;">:"Get </span><span style="color:#0086b3;">"</span><span style="color:#323232;">http://loc</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">al-tailscaled.sock/localapi/v</span><span style="color:#0086b3;">0</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">/status</span><span style="color:#323232;">": dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"error",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.2793655</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.handshake",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"getting certificate from external certificate manager",</span><span style="font-weight:bold;color:#183691;">"remote_ip"</span><span style="color:#323232;">:"100</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">.</span><span style="color:#0086b3;">125.48</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">.</span><span style="color:#0086b3;">40</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">remote_port</span><span style="color:#323232;">":"</span><span style="color:#0086b3;">60140</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">sni</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">cert_manager</span><span style="color:#323232;">":0,"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">error</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">Get</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;"></span><span style="color:#323232;">"http://local-tailscaled.sock/localapi/v0/cert/vaulty.tail</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#0086b3;">5148</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">.ts.net?type=pair</span><span style="color:#323232;">": dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.2794874</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.on_demand",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"obtaining new certificate",</span><span style="font-weight:bold;color:#183691;">"remote_ip"</span><span style="color:#323232;">:"100.125.48.40",</span><span style="font-weight:bold;color:#183691;">"remote_port"</span><span style="color:#323232;">:"60</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="color:#0086b3;">140</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">server_name</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;">"} </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.2796874</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.obtain",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"acquiring lock",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.2826056</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.obtain",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"lock acquired",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.2827125</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.obtain",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"obtaining certificate",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.285254</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"waiting on internal rate limiter",</span><span style="font-weight:bold;color:#183691;">"identifiers"</span><span style="color:#323232;">:["machine.domain.ts.net"],</span><span style="font-weight:bold;color:#183691;">"ca"</span><span style="color:#323232;">:"h</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ttps:</span><span style="font-style:italic;color:#969896;">//acme-v02.api.letsencrypt.org/directory","account":"[email protected]"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499478.2852805</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"done waiting on internal rate limiter",</span><span style="font-weight:bold;color:#183691;">"identifiers"</span><span style="color:#323232;">:["machine.domain.ts.net"],</span><span style="font-weight:bold;color:#183691;">"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ca</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">https</span><span style="color:#323232;">:</span><span style="font-style:italic;color:#969896;">//acme-v02.api.letsencrypt.org/directory","account":"[email protected]"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499479.3021843</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.acme_client",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"trying to solve challenge",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net",</span><span style="font-weight:bold;color:#183691;">"cha</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">llenge_type</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">tls-alpn-01</span><span style="font-weight:bold;color:#183691;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ca</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">https</span><span style="color:#323232;">:</span><span style="font-style:italic;color:#969896;">//acme-v02.api.letsencrypt.org/directory"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"error",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499479.867296</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.acme_client",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"challenge failed",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net",</span><span style="font-weight:bold;color:#183691;">"challenge_ty</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">pe</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">tls-alpn-01</span><span style="font-weight:bold;color:#183691;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem</span><span style="font-weight:bold;color:#183691;">":{"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">type</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">urn</span><span style="color:#323232;">:</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ietf:params:acme:error:dns</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">title</span><span style="color:#323232;">":"","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">detail</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">A</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">check</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">record</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">domain;</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">AAAA</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">check</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">record</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;">
</span><span style="color:#323232;">
</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">domain</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">instance</span><span style="color:#323232;">":"","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">subproblems</span><span style="color:#323232;">":[]}} </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"error",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499479.867339</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.acme_client",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"validating authorization",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net",</span><span style="font-weight:bold;color:#183691;">"prob</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">lem</span><span style="font-weight:bold;color:#183691;">":{"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">type</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">urn</span><span style="color:#323232;">:</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ietf:params:acme:error:dns</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">title</span><span style="color:#323232;">":"","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">detail</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">A</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">check</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">record</span><span style="color:#323232;">
</span><span style="color:#323232;">
</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">domain;</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">AAAA</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">check</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">record</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">domain</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">instance</span><span style="color:#323232;">":"",</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="color:#323232;">"subproblems"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">:</span><span style="color:#323232;">[]},</span><span style="font-weight:bold;color:#183691;">"order"</span><span style="color:#323232;">:"https://acme-v02.api.letsencrypt.org/acme/order/1247308536/200246894916",</span><span style="font-weight:bold;color:#183691;">"attempt"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"max_attempts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">3</span><span style="color:#323232;">}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"info",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499481.1934462</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.acme_client",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"trying to solve challenge",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net",</span><span style="font-weight:bold;color:#183691;">"cha</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">llenge_type</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">http-01</span><span style="font-weight:bold;color:#183691;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ca</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">https</span><span style="color:#323232;">:</span><span style="font-style:italic;color:#969896;">//acme-v02.api.letsencrypt.org/directory"}
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {</span><span style="font-weight:bold;color:#183691;">"level"</span><span style="color:#323232;">:"error",</span><span style="font-weight:bold;color:#183691;">"ts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">1691499481.7219243</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"logger"</span><span style="color:#323232;">:"tls.acme_client",</span><span style="font-weight:bold;color:#183691;">"msg"</span><span style="color:#323232;">:"challenge failed",</span><span style="font-weight:bold;color:#183691;">"identifier"</span><span style="color:#323232;">:"machine.domain.ts.net",</span><span style="font-weight:bold;color:#183691;">"challenge_t</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ype</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">http-01</span><span style="font-weight:bold;color:#183691;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem</span><span style="font-weight:bold;color:#183691;">":{"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">type</span><span style="font-weight:bold;color:#183691;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">urn</span><span style="color:#323232;">:</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ietf:params:acme:error:dns</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">title</span><span style="color:#323232;">":"","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">detail</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">A</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">che</span><span style="color:#323232;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ck</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">record</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">domain;</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">AAAA</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">check</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">record</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">do</span><span style="color:#323232;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">main</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">instance</span><span style="color:#323232;">":"","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">subproblems</span><span style="color:#323232;">":[]}} </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">caddy</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">|</span><span style="color:#323232;"> {"level":"error","ts":</span><span style="color:#0086b3;">1691499481.7219615</span><span style="color:#323232;">,"logger":"tls.acme_client","msg":"validating authorization","identifier":"machine.domain.ts.net","pro</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">blem</span><span style="color:#323232;">":{"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">type</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">urn</span><span style="color:#323232;">:</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">ietf:params:acme:error:dns</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">title</span><span style="color:#323232;">":"","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">detail</span><span style="color:#323232;">":"</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">A</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">check</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">recor</span><span style="color:#323232;">
</span><span style="color:#323232;">
</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">d</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">domain;</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">problem:</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">NXDOMAIN</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">looking</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">up</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">AAAA</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">machine.domain.ts.net</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">-</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">check</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">that</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">a</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">DNS</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">record</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">exists</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">for</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">this</span><span style="color:#323232;"> </span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">domain</span><span style="color:#323232;">","</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">instance</span><span style="color:#323232;">":""</span><span style="background-color:#f5f5f5;font-weight:bold;color:#b52a1d;">
</span><span style="color:#323232;">
</span><span style="color:#323232;">,"subproblems":[]},</span><span style="font-weight:bold;color:#183691;">"order"</span><span style="color:#323232;">:"https://acme-v02.api.letsencrypt.org/acme/order/1247308536/200246898176",</span><span style="font-weight:bold;color:#183691;">"attempt"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">2</span><span style="color:#323232;">,</span><span style="font-weight:bold;color:#183691;">"max_attempts"</span><span style="color:#323232;">:</span><span style="color:#0086b3;">3</span><span style="color:#323232;">}
</span>
EDIT - SOLUTION: many weeks later, I’ve learn a few things. Running Caddy bare-metal removed the complexity of dealing with docker networks, but it wasn’t as robust as I expected (lets just say - I ran into a very edge-case issue that ruined my day).
The solution to my actual problem was to actually directing the requests to the URL to the actual IP adress of the docker container running the service I want to make avaible, and ensure that both docker and the service are on the same docker network. A very obvious solution in hindsight, and to be fair, I think I’ve had the misfortune to run into several issues before reaching this insight.
Add comment