mafrosis@MBP: ~/test > docker-compose up caddy
Recreating caddy ... done
Attaching to caddy
caddy_1 | {"level":"info","ts":1597182750.309071,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
caddy_1 | {"level":"warn","ts":1597182750.313778,"logger":"admin","msg":"admin endpoint disabled"}
caddy_1 | {"level":"info","ts":1597182750.3142364,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00067afc0"}
caddy_1 | {"level":"info","ts":1597182750.3197625,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
caddy_1 | {"level":"info","ts":1597182750.3244257,"logger":"http","msg":"enabling strict SNI-Host matching because TLS client auth is configured","server_name":"srv0"}
caddy_1 | {"level":"debug","ts":1597182750.3251233,"logger":"http","msg":"starting server loop","address":"[::]:2020","http3":false,"tls":true}
caddy_1 | {"level":"debug","ts":1597182750.3252916,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
caddy_1 | {"level":"info","ts":1597182750.3253632,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["ha.mafro.net"]}
caddy_1 | {"level":"info","ts":1597182750.3260002,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
caddy_1 | {"level":"info","ts":1597182750.326079,"msg":"serving initial configuration"}
caddy_1 | {"level":"info","ts":1597182750.3263528,"logger":"tls","msg":"cleaned up storage units"}
caddy_1 | {"level":"info","ts":1597182750.331991,"logger":"tls.obtain","msg":"acquiring lock","identifier":"ha.mafro.net"}
caddy_1 | {"level":"info","ts":1597182750.3322325,"logger":"tls.obtain","msg":"lock acquired","identifier":"ha.mafro.net"}
caddy_1 | {"level":"info","ts":1597182750.3455365,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["ha.mafro.net"]}
caddy_1 | {"level":"info","ts":1597182750.3459635,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["ha.mafro.net"]}
caddy_1 | {"level":"debug","ts":1597182751.2572203,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"GET","url":"https://ca.mafro.net/acme/acme/directory","headers":{"User-Agent":["Caddy/2.2.0-rc.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Cache-Control":["no-store"],"Content-Length":["282"],"Content-Type":["application/json"],"Date":["Tue, 11 Aug 2020 21:52:48 GMT"],"Replay-Nonce":["WDNMcWxCQjBvUW5XQWxNbWtSQjZzWXFUTmUwVzBRUEw"]}}
caddy_1 | {"level":"info","ts":1597182751.2575085,"logger":"tls.obtain","msg":"releasing lock","identifier":"ha.mafro.net"}
caddy_1 | 2020/08/11 21:52:31 panic: certificate worker: runtime error: invalid memory address or nil pointer dereference
caddy_1 | goroutine 57 [running]:
caddy_1 | github.com/caddyserver/certmagic.(*jobManager).worker.func1()
caddy_1 | github.com/caddyserver/[email protected]/async.go:58 +0x9e
caddy_1 | panic(0x14f1320, 0x2596560)
caddy_1 | runtime/panic.go:969 +0x166
caddy_1 | github.com/mholt/acmez/acme.(*stack).push(0x0, 0xc000042c60, 0x2b)
caddy_1 | github.com/mholt/[email protected]/acme/client.go:199 +0x4b
caddy_1 | github.com/mholt/acmez/acme.(*Client).doHTTPRequest(0xc0002fa480, 0xc000652100, 0xc0004b3710, 0xc00016c2d0, 0xc0003bc900, 0x0, 0x0)
caddy_1 | github.com/mholt/[email protected]/acme/http.go:291 +0x2db
caddy_1 | github.com/mholt/acmez/acme.(*Client).httpReq(0xc0002fa480, 0x1a03640, 0xc0006ea6c0, 0x16bf9cc, 0x3, 0xc0003bc960, 0x28, 0x0, 0x0, 0x0, ...)
caddy_1 | github.com/mholt/[email protected]/acme/http.go:176 +0x1e6
caddy_1 | github.com/mholt/acmez/acme.(*Client).provisionDirectory(0xc0002fa480, 0x1a03640, 0xc0006ea6c0, 0x0, 0x0)
caddy_1 | github.com/mholt/[email protected]/acme/client.go:125 +0x1bc
caddy_1 | github.com/mholt/acmez/acme.(*Client).provision(0xc0002fa480, 0x1a03640, 0xc0006ea6c0, 0x0, 0x0)
caddy_1 | github.com/mholt/[email protected]/acme/client.go:95 +0x92
caddy_1 | github.com/mholt/acmez/acme.(*Client).NewOrder(0xc0002fa480, 0x1a03640, 0xc0006ea6c0, 0xc000368d28, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
caddy_1 | github.com/mholt/[email protected]/acme/order.go:106 +0xc4
caddy_1 | github.com/mholt/acmez.(*Client).ObtainCertificateUsingCSR(0xc0004a2640, 0x1a03640, 0xc0006ea6c0, 0xc000368d28, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
caddy_1 | github.com/mholt/[email protected]/client.go:123 +0x3a4
caddy_1 | github.com/caddyserver/certmagic.(*ACMEManager).doIssue(0xc0002fa3c0, 0x1a03640, 0xc0006ea6c0, 0xc00013c900, 0xc0006e8700, 0xc0005a7080, 0x40d1e8, 0xc0, 0x167cfc0)
caddy_1 | github.com/caddyserver/[email protected]/acmemanager.go:299 +0x1a1
caddy_1 | github.com/caddyserver/certmagic.(*ACMEManager).Issue(0xc0002fa3c0, 0x1a03640, 0xc0006ea6c0, 0xc00013c900, 0x0, 0x0, 0x0)
caddy_1 | github.com/caddyserver/[email protected]/acmemanager.go:228 +0xdb
caddy_1 | github.com/caddyserver/caddy/v2/modules/caddytls.(*ACMEIssuer).Issue(0xc0003e2c80, 0x1a03640, 0xc0006ea6c0, 0xc00013c900, 0x1, 0x1, 0xc00013c900)
caddy_1 | github.com/caddyserver/caddy/[email protected]/modules/caddytls/acmeissuer.go:190 +0xda
caddy_1 | github.com/caddyserver/certmagic.(*Config).obtainWithIssuer.func2(0x1a03640, 0xc0006ea6c0, 0x2, 0x1)
caddy_1 | github.com/caddyserver/[email protected]/config.go:448 +0x397
caddy_1 | github.com/caddyserver/certmagic.doWithRetry(0x1a03640, 0xc0006ea6c0, 0xc00044af00, 0xc0005a7aa0, 0x1, 0x1)
caddy_1 | github.com/caddyserver/[email protected]/async.go:106 +0x251
caddy_1 | github.com/caddyserver/certmagic.(*Config).obtainWithIssuer(0xc00041e6c0, 0x1a03580, 0xc0003704c0, 0x19f0140, 0xc0003e2c80, 0xc0002274d0, 0xc, 0x19f0100, 0x0, 0x0)
caddy_1 | github.com/caddyserver/[email protected]/config.go:477 +0x2ef
caddy_1 | github.com/caddyserver/certmagic.(*Config).ObtainCert(0xc00041e6c0, 0x1a03580, 0xc0003704c0, 0xc0002274d0, 0xc, 0x0, 0x0, 0x0)
caddy_1 | github.com/caddyserver/[email protected]/config.go:385 +0x146
caddy_1 | github.com/caddyserver/certmagic.(*Config).manageOne.func1(0x0, 0x0)
caddy_1 | github.com/caddyserver/[email protected]/config.go:310 +0x92
caddy_1 | github.com/caddyserver/certmagic.(*jobManager).worker(0x259f820)
caddy_1 | github.com/caddyserver/[email protected]/async.go:73 +0x102
caddy_1 | created by github.com/caddyserver/certmagic.(*jobManager).Submit
caddy_1 | github.com/caddyserver/[email protected]/async.go:50 +0x12d
^CGracefully stopping... (press Ctrl+C again to force)
Stopping caddy ... done
FROM golang:1.14-alpine as builder
ARG CADDY_VERSION=v2.1.1
ARG CADDY_GANDI_PLUGIN=v1.0.0
ARG XCADDY_VERSION=0.1.5
ARG ARCH=amd64
# dont bother cleaning up since we're in docker multistage
ENV XCADDY_SKIP_CLEANUP=1
RUN apk add --no-cache curl git
RUN curl -o /tmp/xcaddy.tgz -L "https://github.com/caddyserver/xcaddy/releases/download/v${XCADDY_VERSION}/xcaddy_${XCADDY_VERSION}_linux_${ARCH}.tar.gz"
RUN tar xzf /tmp/xcaddy.tgz -C /tmp && cp /tmp/xcaddy /usr/local/bin && chmod +x /usr/local/bin/xcaddy
RUN xcaddy build ${CADDY_VERSION} --with "github.com/caddy-dns/gandi@${CADDY_GANDI_PLUGIN}"
FROM alpine:3.12
RUN apk add --no-cache ca-certificates mailcap bind-tools
# https://github.com/caddyserver/dist/commits
ENV CADDY_DIST_COMMIT ce8860dbfe32fab755b5f87e4f06373c0c849d13
RUN set -eux; \
mkdir -p \
/config/caddy \
/data/caddy \
/etc/caddy \
/usr/share/caddy \
; \
wget -O /etc/caddy/Caddyfile "https://github.com/caddyserver/dist/raw/$CADDY_DIST_COMMIT/config/Caddyfile"; \
wget -O /usr/share/caddy/index.html "https://github.com/caddyserver/dist/raw/$CADDY_DIST_COMMIT/welcome/index.html"
# https://github.com/caddyserver/caddy/releases
ARG CADDY_VERSION=${CADDY_VERSION}
COPY --from=builder /go/caddy /usr/local/bin/caddy
# set up nsswitch.conf for Go's "netgo" implementation
# - https://github.com/docker-library/golang/blob/1eb096131592bcbc90aa3b97471811c798a93573/1.14/alpine3.12/Dockerfile#L9
RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf
# See https://caddyserver.com/docs/conventions#file-locations for details
ENV XDG_CONFIG_HOME=/config
ENV XDG_DATA_HOME=/data
VOLUME /config
VOLUME /data
EXPOSE 80
EXPOSE 443
EXPOSE 2019
WORKDIR /srv
CMD ["caddy", "run", "--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]