I used the migration script and things seemed to have worked, apart from caddy not taking a valid cert, so I can’t visit the firezone interface yet. Firefox just shows:
Secure Connection Failed
An error occurred during a connection to wg.mysite.com. Peer reports it experienced an internal error.
Error code: SSL_ERROR_INTERNAL_ERROR_ALERT
I saw mentions of needing --internal-certs to be added to CADDY_OPTS; currently in my .firezone/.env, CADDY_OPTS= is empty.
I added this and restarted docker but nothing changed. Is a restart sufficient, or is something more needed?
The .env seems to be a one-off setting during initialization, and changing it manually afterwards doesn’t seem to overwrite the setting.
For a quick check and fix, I usually rebuild a new container if any change is required.
Here is an example of my setting; this is for podman, but I assume docker should work as well.
(Keep in mind you will need to remove the existing caddy container before running the script.)
Remark: you should also provide the default installation location in the variable FZ_INSTALL_DIR.
Declare the caddy config and FZ_INSTALL_DIR:
tlsOpts=" tls { on_demand }"
FZ_INSTALL_DIR=
Once you have declared both variables, you can then execute the command:
For people facing something similar: for some reason, even on a fresh install, it was not picking up the file $HOME/.firezone/.env. I had to place the docker-compose.yaml and .env files in the $HOME directory, from where I was running these docker commands.