caddy-dns/cloudflare

Certificate renewal stopped working

himazawa opened this issue · 1 comments

I'm using Caddy in Docker with the following Dockerfile:

```dockerfile
FROM caddy:2-builder AS builder

RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare \
    --with github.com/dulli/caddy-wol

FROM caddy:2

COPY --from=builder /usr/bin/caddy /usr/bin/caddy
```

and the following Caddyfile:

```
{
  log
  ocsp_stapling off
}

...
ag.prismlab.cc {
  tls {
    dns cloudflare {env.CF_API_TOKEN}
    resolvers 1.1.1.1
  }
  reverse_proxy 192.168.1.254:8081
}

...
```

Starting yesterday, I'm getting errors at Caddy startup.

The CF token is correctly set to Zone.Zone:Read and Zone.DNS:Edit.

I already tried to rotate the token (just in case) and re-built Caddy without any improvement.

The docker container is using 1.1.1.1 as DNS.

It was working correctly in the past; no idea what changed that could have broken it.

It seems reddit.prismlab.cc has no DNS records:

```
$ doggo --any reddit.prismlab.cc
NAME	TYPE	CLASS	TTL	ADDRESS	NAMESERVER
```

I would double-check your DNS configuration. I'm going to close this, but if it turns out to be a bug in the Cloudflare module, we can reopen it :)