this post was submitted on 20 Jul 2023
1 points (66.7% liked)

Selfhosted

51293 readers
936 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
1
Caddy with Cloudflare DNS fails to solve acme challenge (lemmy.world)
submitted 2 years ago by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

Hello, I am a pretty new beginner to website stuff and was trying to get my personal website to run on my VPS. The website's DNS is Cloudflare and I am trying to get it to work using Caddy. I've been trying to get past the acme challenge solving thing, but always get this error message:

ERROR   tls.obtain      could not get certificate from issuer   {"identifier": "asudox.dev", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[asudox.dev] solving challenges: waiting for solver certmagic.solverWrapper to be ready: timed out waiting for record to fully propagate; verify DNS provider configuration is correct - last error: <nil> (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/111399894/9853568284) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}

As much as I've seen from the Cloudflare dashboard, the acme challenge record gets created. What is the problem? I also tried to change the resolver to Cloudflare's as it is a troubleshooting step in the Cloudflare Caddy module github page, but that also did not work.

Here's the Caddyfile:

asudox.dev {
        respond "Test"
        tls {
                dns cloudflare {env.CF_API_TOKEN}
        }
}
top 5 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 2 years ago (1 children)

It's been a while since I use caddy but I use the dns for nginx, make sure you are using the correct api key, it does not like using a too permissive one.
So a zone token instead of an account token.

[–] [email protected] 2 points 2 years ago* (last edited 2 years ago)

Already done that. The permissions of the API are Zone:Read & DNS:Edit That was what was stated in the Caddy github page.

[–] [email protected] 1 points 2 years ago (1 children)

Try adding

resolvers 1.1.1.1

in the tls block below dns cloudflare

[–] [email protected] 1 points 2 years ago

As mentioned, I've already tried that.

[–] bluejay 1 points 2 years ago* (last edited 2 years ago)

The confusing part is you seeing something happen at cloudflare. For reference, this is how all of mine are set up:

site.domain.tld {
	reverse_proxy subsite.domain.tld:1234
	tls {
		dns cloudflare "{env.CF_API_TOKEN}"
	}
}

The only difference being the quoted variable, but since you see it hitting cloudflare I would be surprised if that was the issue.

Do you have Caddy installed directly or are you using docker?

load more comments
view more: next ›