I’m slightly freaking out. I recently ran some updates on my Linux Mint server computer. Afterwards, my modules, like Porkbun, had been removed and kept giving a 400 error when trying to add-package. Without the porkbun dns module, caddy can’t pass the keys and nothing with reverse proxy from me. The porkbun git page mentions some upgrade to the DNS system a few days ago that they said was connected to this. Any ideas of what to do? Do I downgrade Caddy until they resolve? I’m not the most computer savvy so I appreciate the help.
Downgrade to 2.9 till the porkbun plugin gets updated to work withb2.10.
I guess it depends on how you got caddy to begin with. If you used xcaddy, you have to update caddy the same way (recompile via
xcaddy
) otherwise you’ll get the default binary which has no misc modules by default, which kinda sounds like what’s happened but who knows for sure.If you’re feeling daring, you can try to compile
caddy
yourself withxcaddy
, it’s super easy.Save your
Caddyfile
’s (ultra important), and uninstallcaddy
. Installxcaddy
(apt install xcaddy [orgo install github.com/caddyserver/xcaddy/cmd/xcaddy
]). Then usexcaddy
to compilecaddy
with the modules you need;$ cd /tmp $ xcaddy build --with github.com/caddy-dns/porkbun --with github.com/caddy-dns/cloudflare --with github.com/some-user/whatever-module
Caddy will build and be spit out in
/tmp/caddy
. Move it to/home/username/.local/bin
or something, and make sure that directory is in your path. Don’t forget tochmod +x caddy
.Run caddy like normal and see if this fixes your issue. If not, you’ll likely have to try and older version of caddy (uninstall and specifically install the previous version or if you can’t, use
xcaddy
withCADDY_VERSION
to build a specific version with your modules), or wait until they push a fix for whatever they broke.That’s what I did for Cloudflare and it works well.
Sorry, I don’t use either of those services. Would you be willing to explain your setup? I use my own CA with HAProxy for TLS termination (with servers side TLS) so I might be able to give some general tips. Maybe.
I’ve never heard of Porkbun, but it doesn’t sound like a caddy issue. Let’s Encrypt requires being able to resolve the DNS name you’re requesting a cert for, and to be able to connect to your web service and fetch a secret to prove you own the domain. If porkbun does something like punch a hole in your LAN firewall and let in http traffic, then porkbun is the problem. Not Caddy.
and to be able to connect to your web service and fetch a secret to prove you own the domain
This part isn’t true, you can use DNS challenge and they don’t need to connect to your service. I have several services on my LAN that have never been accessible from the internet that have Let’s Encrypt certs.
That sounds like the method OP is trying to use.
Then why did you comment? 😂
What are you using the porkbun dns module for, and how does it integrate with caddy? I think reverse proxy is not so related with DNS service, unless you are advertising caddy domains to porkbun via API.
I’m guessing they are doing DNS challenge for getting Let’s Encrypt certs.