Caddy server ACME challenge with Cloudflare DNS

Server environment

Debian 11 sid x64
ACME provider: BuyPass Go SSL

User --> Cloudflare proxy --> Buypass Go SSL --> Caddy --> application

Download Caddy with Cloudflare DNS plugin

Download from https://caddyserver.com/download with the dns.providers.cloudflare plugin selected.

Set up a Cloudflare API token

https://dash.cloudflare.com/profile/api-tokens

Create a custom token with the permissions Zone.Zone and Zone.DNS.

Caddy configuration setup

{
 auto_https disable_redirects
 acme_ca https://api.buypass.com/acme/directory
 email <your email address>
 acme_dns cloudflare <Cloudflare Token>
}

## Wakatime API
https://waka.xxx.com:443 {
        ## Block public signups
        respond /signup 404
        ## reverse proxy
        reverse_proxy 127.0.0.1:3000

}

Install the custom Caddy build

Upload the binary to your server, rename it, replace the original caddy binary, then restart the Caddy service.

## Check where caddy is installed
which caddy
## Mine is installed under /usr/bin
/usr/bin/caddy

## Rename the binary and make it executable
mv caddy_linux_amd64_custom caddy
chmod +x caddy
mv caddy /usr/bin/

## Add the Cloudflare token to the Caddyfile
nano /etc/caddy/Caddyfile

## Restart and apply new configuration
service caddy restart

## Check the logs
journalctl -f -u caddy.service
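
The steps above put the Cloudflare token directly into /etc/caddy/Caddyfile, so this added shell example (not from the original post) flags an inline token and a world-readable file. It assumes the plugin's `api_token` block form and Caddy's `{env.NAME}` / `{$NAME}` placeholders as the non-inline alternatives; the function name and the sample token are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: audit a Caddyfile for a Cloudflare
# API token written inline and for permissions that expose it to other users.

# audit_caddyfile FILE (hypothetical helper name)
# Prints one finding per line. Returns 0 when clean, 1 on findings, 2 on error.
audit_caddyfile() {
    file=$1
    [ -r "$file" ] || { echo "$file: cannot read" >&2; return 2; }

    # A credential that does not start with "{" is a literal token.
    # "{env.NAME}" and "{$NAME}" are Caddy environment placeholders, and a
    # bare "{" opens the block form, whose api_token line is checked as well.
    inline=$(awk '
        $1 ~ /^#/ { next }                      # skip comment lines
        { cred = "" }
        ($1 == "acme_dns" || $1 == "dns") && $2 == "cloudflare" { cred = $3 }
        $1 == "api_token" { cred = $2 }
        cred != "" && substr(cred, 1, 1) != "{" { print NR }
    ' "$file")

    [ -z "$inline" ] && return 0

    for n in $inline; do
        echo "$file:$n: Cloudflare token is written inline"
    done
    # With a literal token present, the file itself is the secret.
    if [ -n "$(find "$file" -prune -perm -004)" ]; then
        echo "$file: world-readable while holding a token"
    fi
    return 1
}

# Constructed sample mirroring the global options block from this page.
demo=$(mktemp)
printf '{\n acme_dns cloudflare CONSTRUCTED_TOKEN\n}\n' > "$demo"
chmod 644 "$demo"
audit_caddyfile "$demo" || true
rm -f "$demo"
```

To clear a finding, supply the token through the service environment and reference it as a placeholder such as `{env.CF_API_TOKEN}` (the variable name is an assumption), or at minimum restrict the Caddyfile to the user the service runs as.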

You can also build it yourself

## Install xcaddy with Go
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest

## Build Caddy with the Cloudflare DNS module
xcaddy build --with github.com/caddy-dns/cloudflare

## Check that the DNS module is present (use ./caddy to check a fresh build before installing it)
caddy list-modules | grep dns

If the build was successful, you will see something like this
