Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[HELP] Not possible to create an SSL certificate #386

Open
daendaen opened this issue Nov 9, 2024 · 34 comments
Open

[HELP] Not possible to create an SSL certificate #386

daendaen opened this issue Nov 9, 2024 · 34 comments
Assignees
Labels
help wanted Extra attention is needed

Comments

@daendaen
Copy link

daendaen commented Nov 9, 2024

Hi,

I’ve installed the latest version of Zoraxy as a Docker container, and the necessary ports are open.

Now, I wanted to secure my DNS address with an SSL certificate, but I keep getting the following error.

Error: one or more domains had a problem: [DOMAIN.ddns.net] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 99.999.99.99: Invalid response from http://DOMAIN.ddns.net/.well-known/acme-challenge/7k9pJWEaLAxLMDVBsUffVCDv1ykyckWNpfoBulj4fq8: 404

As a test, I set up the DNS address with SSL using Nginx, and that worked without any issues.

Does anyone have an idea what might be causing this?

Best regards,

@daendaen daendaen added the help wanted Extra attention is needed label Nov 9, 2024
@daendaen daendaen changed the title [HELP] [HELP] Not possible to create an SSL certificate Nov 9, 2024
@xxLexanixx
Copy link

xxLexanixx commented Nov 12, 2024

i have the same issue

[mydomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 12.34.56.78: Invalid response from http://mydomain.com/.well-known/acme-challenge/ulhLOyyun5LCNDLDLtLA3nm0bnW7-LuVvFdqTdNaq1o: 404

Portforwarding for 80 and 443 is active
i can create certificates at the nginx proxy manager without problems

@tobychui
Copy link
Owner

@yeungalan Can you help check if the latest version of Zoraxy ACME module got any issue regarding http-01 challenge?

Though, from what I observed, these issues mostly come from inbound network settings. In your case, I would recommend keep using NPM if it works in your specific network environment (and maybe use Zoraxy as a 2nd layer proxy). NPM is more compatible with de-facto or "wired" network setups as it is a much more mature and old project.

@yeungalan
Copy link
Collaborator

checking

@yeungalan
Copy link
Collaborator

looks like DNS01 and HTTP01 both broke, maybe due to @tobychui 's recent code change

@yeungalan
Copy link
Collaborator

2024/11/15 01:33:24 [INFO] acme: Registering account for [email protected]
2024/11/15 01:33:24 [INFO] [r5desktop.alanyeung.co] acme: Obtaining bundled SAN certificate
2024/11/15 01:33:24 [INFO] [r5desktop.alanyeung.co] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/430439213837
2024/11/15 01:33:24 [INFO] [r5desktop.alanyeung.co] acme: Could not find solver for: tls-alpn-01
2024/11/15 01:33:24 [INFO] [r5desktop.alanyeung.co] acme: Could not find solver for: http-01
2024/11/15 01:33:24 [INFO] [r5desktop.alanyeung.co] acme: use dns-01 solver
2024/11/15 01:33:24 [INFO] [r5desktop.alanyeung.co] acme: Preparing to solve DNS-01

@yeungalan
Copy link
Collaborator

yeungalan commented Nov 15, 2024

2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: Obtaining bundled SAN certificate
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/430439401907
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: Could not find solver for: tls-alpn-01
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: use http-01 solver
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: Trying to solve HTTP-01
2024/11/15 01:35:45 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/430439401907
[2024-11-15 01:35:45.783206] [ACME] [system:error] Obtain certificate failed: error: one or more domains had a problem:
[r5desktop.alanyeung.co] acme: error: 400 :: urn:ietf:params:acme:error:connection :: 0.0.0.0: Fetching http://r5desktop.alanyeung.co/.well-known/acme-challenge/3HkVgOGMyaahKojod9sFKKSVExH47un7wiOwfOJeic8: Timeout after connect (your server may be slow or overloaded)

@yeungalan
Copy link
Collaborator

Hey @tobychui can you rollback your change

@yeungalan
Copy link
Collaborator

yeungalan commented Nov 15, 2024

Steps to recreate the issue

  1. delete sys.db
  2. start the server
  3. run curl -v localhost
  4. acme request by using HTTP01
  5. run curl -v localhost
  6. connection timeout

@tobychui
Copy link
Owner

Hey @tobychui can you rollback your change

Fuck you, no.

Steps to recreate the issue

圖片

圖片

圖片

Cannot reproduce such issue on Windows build v3.1.3. Using a completely fresh install (start with just a single exe file) and immediate visit localhost:80 shows the correct static web server welcome page.

Will be testing http-01 on ramnode now.

@tobychui
Copy link
Owner

Tested on RAMNODE with a Debian 12 Cloud instance. http-01 challenge work perfectly fine.

圖片

圖片

And web server fresh start also working fine on Linux.

@derjasa
Copy link

derjasa commented Nov 16, 2024

I have this problem while running on docker. I am unable to obtain certificate from Lets Encrypt because the webserver becomes unavailable after starting the request process.

@tobychui
Copy link
Owner

@derjasa You have to be specific on what error message you saw during the renew process and how to reproduce it. webserver becomes unavailable is not a valid bug report that we can look into it further and try to help with your issue.

@derjasa
Copy link

derjasa commented Nov 17, 2024

@tobychui That was just a nice note from me since you are trying to reproduce the issue and everyone here seems to be working with the Docker image, but you are not testing with it. That might be where the rabbit is buried.

My log looks exactly the same as

2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: Obtaining bundled SAN certificate
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/430439401907
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: Could not find solver for: tls-alpn-01
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: use http-01 solver
2024/11/15 01:34:00 [INFO] [r5desktop.alanyeung.co] acme: Trying to solve HTTP-01
2024/11/15 01:35:45 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/430439401907
[2024-11-15 01:35:45.783206] [ACME] [system:error] Obtain certificate failed: error: one or more domains had a problem:
[r5desktop.alanyeung.co] acme: error: 400 :: urn:ietf:params:acme:error:connection :: 0.0.0.0: Fetching http://r5desktop.alanyeung.co/.well-known/acme-challenge/3HkVgOGMyaahKojod9sFKKSVExH47un7wiOwfOJeic8: Timeout after connect (your server may be slow or overloaded)

When the process to obtain a certificate is started, the server becomes unavailable for connections. This effects configuration ui, reverse hosts etc. Only a restart of the container does the trick to have everything available again.

@tobychui
Copy link
Owner

@derjasa You have your point. Though, Zoraxy docker is supported by the community and my job here is to make sure that the bug is not initiated from the code base of Zoraxy.

As you pointed out, if this issue only happens with the docker version of Zoraxy, it might be just a misconfiguration in the docker environment from the user side, and a quick readme / docker file update should get everyone systems running.

Hi @PassiveLemon, if you got the time recently, could you help check if this is really a docker problem and see if you can update something in the readme / docker file to help user setup their docker image correctly? Thanks!

@PassiveLemon
Copy link
Collaborator

@derjasa Could you send your current docker configuration for Zoraxy?

@MrCrunshy
Copy link

MrCrunshy commented Nov 18, 2024

Hello @PassiveLemon ,
I have exactly the same problem, what exactly do you need? I'll just attach my compose config.

 services:
   zoraxy:
     image: zoraxydocker/zoraxy:latest
    container_name: zoraxy
    restart: always
    ports:
      - 80:80
      - 443:443
      - 8001:8000
    volumes:
      - /home/pi/docker/zoraxy/config/:/opt/zoraxy/config/
      - /home/pi/docker/zoraxy/config/:/var/lib/zerotier-one/
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime
    environment:
      FASTGEOIP: "true"
      ZEROTIER: "true"

@derjasa
Copy link

derjasa commented Nov 18, 2024

@PassiveLemon Here is mine docker-compose config

services:
  zoraxy:
    image: zoraxydocker/zoraxy:latest
    container_name: zoraxy
    restart: unless-stopped
    ports:
      - 80:80
      - 443:443
      - 8008:8000
    volumes:
      - /opt/zoraxy/data/config/zoraxy:/opt/zoraxy/config/
      - /opt/zoraxy/data/config/zerotier:/var/lib/zerotier-one/
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime
    environment:
      FASTGEOIP: "true"
      ZEROTIER: "false"

@PassiveLemon
Copy link
Collaborator

Both of your configurations look fine, I'm not sure where this issue is coming from. In a moment I will test if I can create certs.

Do you happen to be connecting to a DNS server which contains records for your domain?

@derjasa
Copy link

derjasa commented Nov 18, 2024

Nope, in my case I am using upstream DNS of Azure. The DNS zone is not hosted by those servers.

Only thing I notice is that we both use different exposed port for the managemengt ui.

Currently I pinned my docker-compose config to v3.1.1r3 where I was able to request a certificate successfully for one reverse host. What I noticed:
I have also setup one reverse host for access to the management ui. When trying to request a certificate for this particular host, the reverse hosts and management ui also go offline for a moment and the certificate cant be obtained because of a timeout, but the management ui und reverse hosts are coning back by selve after a while. Maybe this is related.

@PassiveLemon
Copy link
Collaborator

The management port wouldn't have any affect on cert creation, as the name would suggest, it's only for accessing the UI as far as I know.
If you were to use HTTP challenging, then not having port 80/443 exposed would cause problems but you do have those ports listed and said that port forwarding for those was setup (I'm assuming on the router) so, unless the port forwarding is incorrectly set up, then there shouldn't be a problem.
DNS challenging does not require the exposed ports as it uses a validation TXT record with domain registrar.

Looking at that ACME error online, it appears it's related to the connection to the server, in this case, your A/AAAA record to your host machine is not complete, possibly from an incorrectly configured port forward. But you also mentioned that you could create a cert in NPM which means the connection is complete (unless that was done with DNS challenging).

The UI going offline sounds problematic but I don't think that's something I can help with. Are you sure that it's just the web UI going down or is the container restarting?

@derjasa
Copy link

derjasa commented Nov 18, 2024

As mentioned I am on Azure. The host has it`s own public IP, portforwarding is not required but ports are allowed by attached azure incoming traffic rule. Normally I am running NPM on that docker host and did an inplace replacement with zoraxy. So port 80+443 are fine in my case.

If the DNS record wouldnt be complete, a connection attempt wouldnt even be possible to establish. But the error says "Timeout after connect".
As mentioned, the coimplete zoraxy proxy is not avaiable during this time, on port 443, 80, and 8000. The above ACME error shows exactly that, because the ACME Instance tries to connect to the Zoraxy host to check the .well-known directory, but that is not available because zoraxy is no longer listening on 443+80+8000 and so the request from Acme Instance is timing out and the HTTP challange failes.

The Container itselve is still running... i used to start without -d option for monitoring purpose.

@PassiveLemon
Copy link
Collaborator

Would you be able to test outside of Docker and/or with older versions? Maybe then we can figure out when the issue occurs

@MrCrunshy
Copy link

What else I tried. I just set up a Windows server and ran Zoraxy as a Windows program on it.
I simply set the port forwarding on my router to the new machine and was able to create the certificates without any problems.
So I've ruled out any forwarding, DNS or record problems.

@MrCrunshy
Copy link

So I tried it with 3.1.2, I was assigned a certificate. But then the entire container crashed. I had to restart the entire container. Here are the logs:

[2024-11-18 20:54:24.016847] [ACME] [system:info] Temporarily enabling port 80 listener to handle ACME request 
[2024-11-18 20:54:25.372081] [dprouter] [system:info] Starting HTTP-to-HTTPS redirector (port 80)
[2024-11-18 20:54:25.372153] [dprouter] [system:info] Reverse proxy service started in the background (TLS mode)
[2024-11-18 20:54:27.372299] [internal] [system:info] Temporary enabling HTTP to HTTPS redirect for ACME certificate renew requests
[2024-11-18 20:54:27.372444] [dprouter] [system:info] HTTP to HTTPS redirection listener stopped
[2024-11-18 20:54:27.672933] [dprouter] [system:info] Starting HTTP-to-HTTPS redirector (port 80)
[2024-11-18 20:54:27.672980] [dprouter] [system:info] Reverse proxy service started in the background (TLS mode)
2024/11/18 20:54:28 http: TLS handshake error from 192.168.178.1:33146: EOF
[2024-11-18 20:54:29.674010] [ACME] [system:info] Obtaining certificate for: test.XXX.de
[2024-11-18 20:54:29.674062] [ACME] [system:info] CA not set. Using default
[2024-11-18 20:54:29.674085] [ACME] [system:info] Using https://acme-v02.api.letsencrypt.org/directory for CA Directory URL
2024/11/18 20:54:30 [INFO] acme: Registering account for [email protected]
2024/11/18 20:54:30 [INFO] [test.XXX.de] acme: Obtaining bundled SAN certificate
2024/11/18 20:54:31 [INFO] [test.XXX.de] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/432063454792
2024/11/18 20:54:31 [INFO] [test.XXX.de] acme: Could not find solver for: tls-alpn-01
2024/11/18 20:54:31 [INFO] [test.XXX.de] acme: use http-01 solver
2024/11/18 20:54:31 [INFO] [test.XXX.de] acme: Trying to solve HTTP-01
2024/11/18 20:54:33 [INFO] [test.XXX.de] Served key authentication
2024/11/18 20:54:33 [INFO] [test.XXX.de] Served key authentication
2024/11/18 20:54:34 [INFO] [test.XXX.de] Served key authentication
2024/11/18 20:54:35 [INFO] [test.XXX.de] Served key authentication
2024/11/18 20:54:44 [INFO] [test.XXX.de] Served key authentication
2024/11/18 20:54:45 [INFO] [test.XXX.de] The server validated our request
2024/11/18 20:54:45 [INFO] [test.XXX.de] acme: Validations succeeded; requesting certificates
2024/11/18 20:54:47 [INFO] [test.XXX.de] Server responded with a certificate.
[2024-11-18 20:54:47.498678] [ACME] [system:info] Restoring previous port 80 listener settings
[2024-11-18 20:54:47.498689] [dprouter] [system:info] HTTP to HTTPS redirection listener stopped
[2024-11-18 20:54:47.799305] [dprouter] [system:info] Reverse proxy service started in the background (TLS mode)
[2024-11-18 20:54:47.799370] [ACME] [system:info] Restoring HTTP to HTTPS redirect settings
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x32760c]

goroutine 2728 [running]:
net/http.(*Server).shuttingDown(...)
	/usr/local/go/src/net/http/server.go:3465
net/http.(*Server).ListenAndServeTLS(0x0?, {0x0?, 0x0?}, {0x0?, 0x0?})
	/usr/local/go/src/net/http/server.go:3543 +0x2c
imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService.func4()
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:227 +0x38
created by imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService in goroutine 173
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:226 +0x554
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
CA certificates updated
ZeroTier daemon started
Starting Zoraxy...
Checking required config update
[2024-11-18 20:54:48.853653] [auth] [system:info] Authentication session key loaded from database
[2024-11-18 20:54:51.853453] [static-webserv] [system:info] Static Web Server started. Listeing on :5487
2024/11/18 20:54:51 Environment variable ZT_AUTH not defined. Trying to load authtoken from file.
2024/11/18 20:54:51 Zerotier authkey loaded
[2024-11-18 20:54:51.864348] [internal] [system:info] Starting ACME handler
[2024-11-18 20:54:51.864386] [cert-renew] [system:info] ACME early renew set to 30 days and check interval set to 86400 seconds
[2024-11-18 20:54:52.865653] [internal] [system:info] Force latest TLS mode disabled. Minimum TLS version is set to v1.0
[2024-11-18 20:54:52.865694] [internal] [system:info] Serving inbound port 443
[2024-11-18 20:54:52.865706] [internal] [system:info] TLS mode enabled. Serving proxxy request with TLS
[2024-11-18 20:54:52.865714] [internal] [system:info] Development mode enabled. Using no-store Cache Control policy
[2024-11-18 20:54:52.865722] [internal] [system:info] Port 80 listener disabled
[2024-11-18 20:54:52.865808] [internal] [system:info] Force HTTPS mode disabled
[2024-11-18 20:54:52.865862] [proxy-config] [system:info] caldav.XXX.de -> 192.168.178.3:5001 routing rule loaded
[2024-11-18 20:54:52.865906] [proxy-config] [system:info] dashy.XXX.de -> 192.168.178.2:8088 routing rule loaded
[2024-11-18 20:54:52.865927] [proxy-config] [system:info] dashy.XXX.de -> 172.17.0.1:8088 routing rule loaded
[2024-11-18 20:54:52.865937] [proxy-config] [system:info] goty.XXX.de -> 172.17.0.1:8097 routing rule loaded
[2024-11-18 20:54:52.866039] [proxy-config] [system:info] goty.XXX.de -> 172.17.0.1:8097 routing rule loaded
[2024-11-18 20:54:52.866060] [proxy-config] [system:info] nas.XXX.de -> 192.168.178.3:5000 routing rule loaded
[2024-11-18 20:54:52.866116] [proxy-config] [system:info] nas.XXX.de -> 192.168.178.3:5000 routing rule loaded
[2024-11-18 20:54:52.866135] [proxy-config] [system:info] nc.XXX.de -> 192.168.178.2:11000 routing rule loaded
[2024-11-18 20:54:52.866152] [proxy-config] [system:info] pihole.XXX.de -> 192.168.178.2:8083/admin routing rule loaded
[2024-11-18 20:54:52.866192] [proxy-config] [system:info] pihole.XXX.de -> 192.168.178.2:8083/admin  routing rule loaded
[2024-11-18 20:54:52.866202] [proxy-config] [system:info] portainer.XXX.de -> 172.17.0.1:9443 routing rule loaded
[2024-11-18 20:54:52.866267] [proxy-config] [system:info] portainer.XXX.de -> 172.17.0.1:9443 routing rule loaded
[2024-11-18 20:54:52.866285] [proxy-config] [system:info] / -> 127.0.0.1:5487 routing rule loaded
[2024-11-18 20:54:52.866291] [proxy-config] [system:info] sso.XXX.de -> 192.168.178.11:9442 routing rule loaded
[2024-11-18 20:54:52.866297] [proxy-config] [system:info] sso.XXX.de -> 192.168.178.11:9442 routing rule loaded
[2024-11-18 20:54:52.866358] [proxy-config] [system:info] test.XXX.de -> 192.168.178.1 routing rule loaded
[2024-11-18 20:54:52.866426] [proxy-config] [system:info] vault.XXX.de -> 192.168.178.2:8085 routing rule loaded
[2024-11-18 20:54:52.866447] [proxy-config] [system:info] vault.XXX.de -> 192.168.178.2:8085 routing rule loaded
[2024-11-18 20:54:52.866452] [proxy-config] [system:info] wiki.XXX.de -> 192.168.178.2:8087 routing rule loaded
[2024-11-18 20:54:52.866482] [proxy-config] [system:info] zoraxy.XXX.de -> 172.17.0.1:8001 routing rule loaded
[2024-11-18 20:54:52.866501] [proxy-config] [system:info] wikijs.XXX.de -> 172.17.0.1:8087 routing rule loaded
[2024-11-18 20:54:53.167196] [dprouter] [system:info] Reverse proxy service started in the background (TLS mode)
[2024-11-18 20:54:53.167394] [internal] [system:info] Dynamic Reverse Proxy service started
[2024-11-18 20:54:53.366139] [internal] [system:info] Zoraxy started. Visit control panel at http://localhost:8000
[2024-11-18 20:54:53.366171] [internal] [system:info] Assigned temporary port:32277
[2024-11-18 20:54:53.675411] [internal] [system:info] Uptime Monitor background service started
2024/11/18 20:54:58 http: TLS handshake error from 192.168.178.1:54762: EOF
[2024-11-18 20:55:21.854919] [internal] [system:info] mDNS Startup scan completed
2024/11/18 20:55:28 http: TLS handshake error from 192.168.178.1:38798: EOF

@dennyb
Copy link

dennyb commented Nov 18, 2024

Got the same issue with the docker container image.
Fresh installation like in the docs mentioned.
Unable to create the certificates.

[2024-11-18 22:18:28.992583] [uptime-monitor] [system:info] Uptime updated - 1731968308
[2024-11-18 22:18:57.670697] [internal] [system:info] mDNS scan result updated
[2024-11-18 22:22:17.512830] [dprouter] [system:info] Starting HTTP-to-HTTPS redirector (port 80)
[2024-11-18 22:22:17.512847] [dprouter] [system:info] Reverse proxy service started in the background (TLS mode)
[2024-11-18 22:22:42.113452] [ACME] [system:info] Using https://acme-v02.api.letsencrypt.org/directory for CA Directory URL
[2024-11-18 22:22:42.113486] [ACME] [system:info] Obtaining certificate for: uptime.XXX.de
[2024-11-18 22:22:47.387101] [ACME] [system:error] Obtain certificate failed: error: one or more domains had a problem:
[uptime.XXX.de] acme: error: 400 :: urn:ietf:params:acme:error:connection :: XX.XX.130.213: Fetching https://uptime.XXX.de/.well-known/acme-challenge/BSyGOI_4-4gvCqJE6L3K38lXltvwwYyuzCJj-zTlBmA: Error getting validation data

I'm able to visit this domain without SSL and everything working. Also HTTPS is working (but with wrong certificate).
The only think with is making issues is everything related with .well-known

@tobychui
Copy link
Owner

I found something interesting from @MrCrunshy log.

This part is from Zoraxy for sure

goroutine 2728 [running]:
net/http.(*Server).shuttingDown(...)
	/usr/local/go/src/net/http/server.go:3465
net/http.(*Server).ListenAndServeTLS(0x0?, {0x0?, 0x0?}, {0x0?, 0x0?})
	/usr/local/go/src/net/http/server.go:3543 +0x2c
imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService.func4()
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:227 +0x38
created by imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService in goroutine 173
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:226 +0x554

But this is not from Zoraxy, and I do not recall we have any functions that interact with /etc/ssl/certs folder.

Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.

I am guessing Ubuntu (docker base image) have been doing something weird to the certificate requesting process.

@PassiveLemon
Copy link
Collaborator

PassiveLemon commented Nov 19, 2024

Yep, that bottom part is something I had to add to make sure that Ca-certs were always updated, there was an issue that arose when they weren't: #309 #307

@tobychui tobychui mentioned this issue Nov 24, 2024
@PassiveLemon
Copy link
Collaborator

PassiveLemon commented Nov 24, 2024

It's hard to say, I've been unable to reproduce the issue and the SIGSEGV is not something I can troubleshoot.

Networking is ruled out since there was comparable NPM setup and Zoraxy on another machine, both were able to generate certificates with an HTTP challenge.

Supposedly the management UI would go down when generating the certificate but I never experienced that.

Some questions for those of you who are experiencing this:

  • What container arch are you using? (I use amd64)
  • What DNS provider and CA are you using for TLS? (I use Cloudflare and Let's Encrypt)
  • Could you now test v3.1.4 and see if you still have this issue?

@MrCrunshy
Copy link

Hello,

So first your questions:
I use the container for the Raspberry 5 Arm64
My DNS providers are:
Cloudflare with LetsEncrypt for my .com domain and
All-inkl with LetsEncrypt for my .de domain.

I tested the new version. Of around 6 attempts, 5 went through without any problems. Once the container restarted again.
The log is unfortunately cut off at the top in case it appears again. Try to find a complete one.

/usr/local/go/src/net/http/server.go:3330 +0x294
net/http.(*Server).ServeTLS(0x40439ce000, {0x47ac4d0, 0x4000c00a80}, {0x0, 0x0}, {0x0, 0x0})
	/usr/local/go/src/net/http/server.go:3401 +0x370
net/http.(*Server).ListenAndServeTLS(0x40439ce000, {0x0, 0x0}, {0x0, 0x0})
	/usr/local/go/src/net/http/server.go:3558 +0xe8
imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService.func4()
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:227 +0x38
created by imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService in goroutine 48
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:226 +0x554

goroutine 216 [select, 2 minutes]:
imuslab.com/zoraxy/mod/uptime.NewUptimeMonitor.func1()
	/opt/zoraxy/source/mod/uptime/uptime.go:89 +0xf4
created by imuslab.com/zoraxy/mod/uptime.NewUptimeMonitor in goroutine 29
	/opt/zoraxy/source/mod/uptime/uptime.go:87 +0x158

goroutine 25 [IO wait]:
internal/poll.runtime_pollWait(0x7fff68a1c878, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4000e9ee80?, 0x7eb98?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Accept(0x4000e9ee80)
	/usr/local/go/src/internal/poll/fd_unix.go:620 +0x24c
net.(*netFD).accept(0x4000e9ee80)
	/usr/local/go/src/net/fd_unix.go:172 +0x28
net.(*TCPListener).accept(0x4000d73ac0)
	/usr/local/go/src/net/tcpsock_posix.go:159 +0x28
net.(*TCPListener).Accept(0x4000d73ac0)
	/usr/local/go/src/net/tcpsock.go:372 +0x2c
net/http.(*Server).Serve(0x40439ce0f0, {0x47ac4d0, 0x4000d73ac0})
	/usr/local/go/src/net/http/server.go:3330 +0x294
net/http.(*Server).ListenAndServe(0x40439ce0f0)
	/usr/local/go/src/net/http/server.go:3259 +0x84
imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService.func3()
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:215 +0x28
created by imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService in goroutine 48
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:214 +0x4ac

goroutine 24 [chan receive, 120 minutes]:
imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService.func2()
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:206 +0x3c
created by imuslab.com/zoraxy/mod/dynamicproxy.(*Router).StartProxyService in goroutine 48
	/opt/zoraxy/source/mod/dynamicproxy/dynamicproxy.go:205 +0x45c

goroutine 22 [select]:
imuslab.com/zoraxy/mod/dynamicproxy.(*Router).startRateLimterCounterResetTicker.func1()
	/opt/zoraxy/source/mod/dynamicproxy/ratelimit.go:108 +0x98
created by imuslab.com/zoraxy/mod/dynamicproxy.(*Router).startRateLimterCounterResetTicker in goroutine 48
	/opt/zoraxy/source/mod/dynamicproxy/ratelimit.go:106 +0xd4

goroutine 38436 [select]:
net/http.(*persistConn).writeLoop(0x4044f02d80)
	/usr/local/go/src/net/http/transport.go:2519 +0x9c
created by net/http.(*Transport).dialConn in goroutine 38433
	/usr/local/go/src/net/http/transport.go:1875 +0x1098

goroutine 37271 [IO wait, 2 minutes]:
internal/poll.runtime_pollWait(0x7fff662bdb88, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4045c95300?, 0x404574a400?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4045c95300, {0x404574a400, 0xc00, 0xc00})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4045c95300, {0x404574a400?, 0x404574a465?, 0x5?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4045795ab8, {0x404574a400?, 0x40479f7a48?, 0x8?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x4047ac6708, {0x404574a400?, 0x0?, 0x4047ac6708?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40479f7b38, {0x4769680, 0x4047ac6708})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x40479f7888, {0x47698a0, 0x4045795ab8}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x40479f7888, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x40479f7888, {0x4047bab000, 0x9, 0x2efad0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
io.ReadAtLeast({0x7fff661a9b48, 0x40479f7888}, {0x4047bab000, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x4047bab000, 0x9, 0x40476b8540?}, {0x7fff661a9b48?, 0x40479f7888?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x4047baafc0)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2serverConn).readFrames(0x40476ee1c0)
	/usr/local/go/src/net/http/h2_bundle.go:4691 +0x98
created by net/http.(*http2serverConn).serve in goroutine 37270
	/usr/local/go/src/net/http/h2_bundle.go:4804 +0x460

goroutine 42262 [IO wait]:
internal/poll.runtime_pollWait(0x7fff65eacd28, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4047ccbd00?, 0x403b908000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4047ccbd00, {0x403b908000, 0x1000, 0x1000})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4047ccbd00, {0x403b908000?, 0x0?, 0x0?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4045b46a18, {0x403b908000?, 0x72?, 0x40439771a8?})
	/usr/local/go/src/net/net.go:189 +0x34
net/http.(*connReader).Read(0x40439771a0, {0x403b908000, 0x1000, 0x1000})
	/usr/local/go/src/net/http/server.go:798 +0x224
bufio.(*Reader).fill(0x4045bc0780)
	/usr/local/go/src/bufio/bufio.go:110 +0xf8
bufio.(*Reader).Peek(0x4045bc0780, 0x4)
	/usr/local/go/src/bufio/bufio.go:148 +0x60
net/http.(*conn).serve(0x40439baea0, {0x47b0178, 0x4043a547e0})
	/usr/local/go/src/net/http/server.go:2127 +0x634
created by net/http.(*Server).Serve in goroutine 25
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 42221 [IO wait]:
internal/poll.runtime_pollWait(0x7fff65f4bcd0, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4047c75300?, 0x4031a2d000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4047c75300, {0x4031a2d000, 0x1000, 0x1000})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4047c75300, {0x4031a2d000?, 0x47682c0?, 0x237efa0?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x404497c8d8, {0x4031a2d000?, 0x404570acb8?, 0x2143c?})
	/usr/local/go/src/net/net.go:189 +0x34
net/http.(*persistConn).Read(0x4044998a20, {0x4031a2d000?, 0x252b440?, 0x404399c600?})
	/usr/local/go/src/net/http/transport.go:2052 +0x50
bufio.(*Reader).fill(0x4047bc2ea0)
	/usr/local/go/src/bufio/bufio.go:110 +0xf8
bufio.(*Reader).Peek(0x4047bc2ea0, 0x1)
	/usr/local/go/src/bufio/bufio.go:148 +0x60
net/http.(*persistConn).readLoop(0x4044998a20)
	/usr/local/go/src/net/http/transport.go:2205 +0x138
created by net/http.(*Transport).dialConn in goroutine 42219
	/usr/local/go/src/net/http/transport.go:1874 +0x1050

goroutine 41811 [select]:
net/http.(*http2serverConn).serve(0x4044ee6c40)
	/usr/local/go/src/net/http/h2_bundle.go:4812 +0x6ec
net/http.(*http2Server).serveConn(0x4042bf5740, {0x47be4f8, 0x40468b6388}, 0x4043b57b28, 0x0)
	/usr/local/go/src/net/http/h2_bundle.go:4402 +0x97c
net/http.(*http2Server).ServeConn(...)
	/usr/local/go/src/net/http/h2_bundle.go:4266
net/http.http2ConfigureServer.func1(0x40439ce000, 0x40468b6388, {0x4768a20, 0x4047686540})
	/usr/local/go/src/net/http/h2_bundle.go:4185 +0x100
net/http.(*conn).serve(0x4047a001b0, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2000 +0xfa0
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 19231 [select]:
net/http.(*http2serverConn).serve(0x404421d6c0)
	/usr/local/go/src/net/http/h2_bundle.go:4812 +0x6ec
net/http.(*http2Server).serveConn(0x4042bf5740, {0x47be4f8, 0x4000ea4388}, 0x40012c1b28, 0x0)
	/usr/local/go/src/net/http/h2_bundle.go:4402 +0x97c
net/http.(*http2Server).ServeConn(...)
	/usr/local/go/src/net/http/h2_bundle.go:4266
net/http.http2ConfigureServer.func1(0x40439ce000, 0x4000ea4388, {0x4768a20, 0x4044170980})
	/usr/local/go/src/net/http/h2_bundle.go:4185 +0x100
net/http.(*conn).serve(0x40443a9440, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2000 +0xfa0
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 38746 [IO wait]:
internal/poll.runtime_pollWait(0x7fff662bd610, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4038c27680?, 0x4048299400?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4038c27680, {0x4048299400, 0x2500, 0x2500})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4038c27680, {0x4048299400?, 0x40452cd8f8?, 0x48da0?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4044dad1b0, {0x4048299400?, 0x4047e3ba48?, 0x8?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x4047b50450, {0x4048299400?, 0x4044ee6e00?, 0x4047b50450?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x4047e3bb38, {0x4769680, 0x4047b50450})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x4047e3b888, {0x47698a0, 0x4044dad1b0}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x4047e3b888, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x4047e3b888, {0x4045983000, 0x1000, 0x309898?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
bufio.(*Reader).Read(0x40479d5380, {0x40438fe3c0, 0x9, 0x7dfd4d0?})
	/usr/local/go/src/bufio/bufio.go:241 +0x1b4
io.ReadAtLeast({0x4768660, 0x40479d5380}, {0x40438fe3c0, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x40438fe3c0, 0x9, 0x4047b6ae40?}, {0x4768660?, 0x40479d5380?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x40438fe380)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2clientConnReadLoop).run(0x40452cdf98)
	/usr/local/go/src/net/http/h2_bundle.go:9496 +0xd0
net/http.(*http2ClientConn).readLoop(0x4043f62300)
	/usr/local/go/src/net/http/h2_bundle.go:9392 +0x78
created by net/http.(*http2Transport).newClientConn in goroutine 38745
	/usr/local/go/src/net/http/h2_bundle.go:8006 +0xae0

goroutine 18609 [select]:
net/http.(*http2serverConn).serve(0x4044436380)
	/usr/local/go/src/net/http/h2_bundle.go:4812 +0x6ec
net/http.(*http2Server).serveConn(0x4042bf5740, {0x47be4f8, 0x4043e5e008}, 0x4043c7db28, 0x0)
	/usr/local/go/src/net/http/h2_bundle.go:4402 +0x97c
net/http.(*http2Server).ServeConn(...)
	/usr/local/go/src/net/http/h2_bundle.go:4266
net/http.http2ConfigureServer.func1(0x40439ce000, 0x4043e5e008, {0x4768a20, 0x4044d6eca0})
	/usr/local/go/src/net/http/h2_bundle.go:4185 +0x100
net/http.(*conn).serve(0x4000c081b0, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2000 +0xfa0
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 42263 [select]:
net/http.(*persistConn).roundTrip(0x4044f02d80, 0x4044bb7180)
	/usr/local/go/src/net/http/transport.go:2755 +0x694
net/http.(*Transport).roundTrip(0x7e78780, 0x40457c3040)
	/usr/local/go/src/net/http/transport.go:644 +0x924
net/http.(*Transport).RoundTrip(0x4043a9d8f0?, 0x0?)
	/usr/local/go/src/net/http/roundtrip.go:30 +0x1c
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ProxyHTTP(0x4043a32ff0, {0x47ac200, 0x4045b46a50}, 0x404540af00, 0x4044955aa0)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:326 +0x370
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ServeHTTP(0x404801a5d0?, {0x47ac200?, 0x4045b46a50?}, 0xd?, 0x4043e62978?)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:504 +0x74
imuslab.com/zoraxy/mod/dynamicproxy/loadbalance.(*Upstream).ServeHTTP(0x4043e62b30?, {0x47ac200?, 0x4045b46a50?}, 0x0?, 0x4000c069b8?)
	/opt/zoraxy/source/mod/dynamicproxy/loadbalance/upstream.go:71 +0x5c
imuslab.com/zoraxy/mod/dynamicproxy.(*ProxyHandler).hostRequest(0x4000c06628, {0x47ac200, 0x4045b46a50}, 0x404540af00, 0x4000c25cc0)
	/opt/zoraxy/source/mod/dynamicproxy/proxyRequestHandler.go:175 +0x48c
imuslab.com/zoraxy/mod/dynamicproxy.(*ProxyHandler).ServeHTTP(0x4000c06628, {0x47ac200, 0x4045b46a50}, 0x404540af00)
	/opt/zoraxy/source/mod/dynamicproxy/Server.go:122 +0x590
net/http.serverHandler.ServeHTTP({0x4043e62d08?}, {0x47ac200?, 0x4045b46a50?}, 0x5fe8c?)
	/usr/local/go/src/net/http/server.go:3210 +0xbc
net/http.initALPNRequest.ServeHTTP({{0x47b0178?, 0x40440845a0?}, 0x4000ea4388?, {0x40439ce000?}}, {0x47ac200, 0x4045b46a50}, 0x404540af00)
	/usr/local/go/src/net/http/server.go:3819 +0x1b4
net/http.(*http2serverConn).runHandler(0x0?, 0x8cfb4?, 0x4044999320?, 0x0?)
	/usr/local/go/src/net/http/h2_bundle.go:6249 +0xe8
created by net/http.(*http2serverConn).scheduleHandler in goroutine 19231
	/usr/local/go/src/net/http/h2_bundle.go:6183 +0x208

goroutine 37268 [IO wait, 2 minutes]:
internal/poll.runtime_pollWait(0x7fff65f4c130, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4044a4bc80?, 0x4044292000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4044a4bc80, {0x4044292000, 0x1000, 0x1000})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4044a4bc80, {0x4044292000?, 0x47682c0?, 0x237efa0?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4045795ab0, {0x4044292000?, 0x4043e67cb8?, 0x2143c?})
	/usr/local/go/src/net/net.go:189 +0x34
net/http.(*persistConn).Read(0x404598cea0, {0x4044292000?, 0x252b440?, 0x404399c600?})
	/usr/local/go/src/net/http/transport.go:2052 +0x50
bufio.(*Reader).fill(0x40457ca4e0)
	/usr/local/go/src/bufio/bufio.go:110 +0xf8
bufio.(*Reader).Peek(0x40457ca4e0, 0x1)
	/usr/local/go/src/bufio/bufio.go:148 +0x60
net/http.(*persistConn).readLoop(0x404598cea0)
	/usr/local/go/src/net/http/transport.go:2205 +0x138
created by net/http.(*Transport).dialConn in goroutine 37299
	/usr/local/go/src/net/http/transport.go:1874 +0x1050

goroutine 42295 [select]:
net/http.(*persistConn).roundTrip(0x404598cea0, 0x40443442d0)
	/usr/local/go/src/net/http/transport.go:2755 +0x694
net/http.(*Transport).roundTrip(0x7e78780, 0x40452d1540)
	/usr/local/go/src/net/http/transport.go:644 +0x924
net/http.(*Transport).RoundTrip(0x40452d1540?, 0x4768940?)
	/usr/local/go/src/net/http/roundtrip.go:30 +0x1c
net/http.send(0x404577f680, {0x4768940, 0x7e78780}, {0x2d7e34?, 0x8?, 0x7ebd560?})
	/usr/local/go/src/net/http/client.go:259 +0x4ac
net/http.(*Client).send(0x404221f1d0, 0x404577f680, {0x4046d4bbb8?, 0x40459edf80?, 0x7ebd560?})
	/usr/local/go/src/net/http/client.go:180 +0x9c
net/http.(*Client).do(0x404221f1d0, 0x404577f680)
	/usr/local/go/src/net/http/client.go:725 +0x6a8
net/http.(*Client).Do(...)
	/usr/local/go/src/net/http/client.go:590
imuslab.com/zoraxy/mod/uptime.getWebsiteStatus({0x40486a8900, 0x1a})
	/opt/zoraxy/source/mod/uptime/uptime.go:257 +0x214
imuslab.com/zoraxy/mod/uptime.(*Monitor).getWebsiteStatusWithLatency(0x4000077610, {0x40486a8900, 0x1a})
	/opt/zoraxy/source/mod/uptime/uptime.go:217 +0x54
imuslab.com/zoraxy/mod/uptime.(*Monitor).ExecuteUptimeCheck(0x4000077610)
	/opt/zoraxy/source/mod/uptime/uptime.go:107 +0xdc
main.UpdateUptimeMonitorTargets.func1()
	/opt/zoraxy/source/wrappers.go:80 +0x24
created by main.UpdateUptimeMonitorTargets in goroutine 38275
	/opt/zoraxy/source/wrappers.go:79 +0x1ec

goroutine 42348 [IO wait]:
internal/poll.runtime_pollWait(0x7fff65eac7b0, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4041d84a00?, 0x4047b43361?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4041d84a00, {0x4047b43361, 0x1, 0x1})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4041d84a00, {0x4047b43361?, 0x4000c88680?, 0x404643af3e?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4044dacc40, {0x4047b43361?, 0x404643afa8?, 0x32c6b4?})
	/usr/local/go/src/net/net.go:189 +0x34
net/http.(*connReader).backgroundRead(0x4047b43350)
	/usr/local/go/src/net/http/server.go:690 +0x40
created by net/http.(*connReader).startBackgroundRead in goroutine 38450
	/usr/local/go/src/net/http/server.go:686 +0xc4

goroutine 18568 [IO wait]:
internal/poll.runtime_pollWait(0x7fff65eac350, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4044a4ac00?, 0x403c07a000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4044a4ac00, {0x403c07a000, 0xa80, 0xa80})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4044a4ac00, {0x403c07a000?, 0x4044233978?, 0x7fffaf688108?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x40443aa1d0, {0x403c07a000?, 0x40442339f8?, 0x2ea5ac?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x4047ac6fc0, {0x403c07a000?, 0x0?, 0x4047ac6fc0?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x4043e5e2b8, {0x4769680, 0x4047ac6fc0})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x4043e5e008, {0x47698a0, 0x40443aa1d0}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x4043e5e008, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x4043e5e008, {0x40438fe120, 0x9, 0x2efad0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
io.ReadAtLeast({0x7fff661a9b48, 0x4043e5e008}, {0x40438fe120, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x40438fe120, 0x9, 0x40480dd0b0?}, {0x7fff661a9b48?, 0x4043e5e008?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x40438fe0e0)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2serverConn).readFrames(0x4044436380)
	/usr/local/go/src/net/http/h2_bundle.go:4691 +0x98
created by net/http.(*http2serverConn).serve in goroutine 18609
	/usr/local/go/src/net/http/h2_bundle.go:4804 +0x460

goroutine 42222 [select]:
net/http.(*persistConn).writeLoop(0x4044998a20)
	/usr/local/go/src/net/http/transport.go:2519 +0x9c
created by net/http.(*Transport).dialConn in goroutine 42219
	/usr/local/go/src/net/http/transport.go:1875 +0x1098

goroutine 41842 [select]:
net/http.(*http2serverConn).serve(0x4045456380)
	/usr/local/go/src/net/http/h2_bundle.go:4812 +0x6ec
net/http.(*http2Server).serveConn(0x4042bf5740, {0x47be4f8, 0x4047190008}, 0x4043cbfb28, 0x0)
	/usr/local/go/src/net/http/h2_bundle.go:4402 +0x97c
net/http.(*http2Server).ServeConn(...)
	/usr/local/go/src/net/http/h2_bundle.go:4266
net/http.http2ConfigureServer.func1(0x40439ce000, 0x4047190008, {0x4768a20, 0x40477ee3e0})
	/usr/local/go/src/net/http/h2_bundle.go:4185 +0x100
net/http.(*conn).serve(0x4047c4efc0, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2000 +0xfa0
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 37270 [select, 2 minutes]:
net/http.(*http2serverConn).serve(0x40476ee1c0)
	/usr/local/go/src/net/http/h2_bundle.go:4812 +0x6ec
net/http.(*http2Server).serveConn(0x4042bf5740, {0x47be4f8, 0x40479f7888}, 0x404738db28, 0x0)
	/usr/local/go/src/net/http/h2_bundle.go:4402 +0x97c
net/http.(*http2Server).ServeConn(...)
	/usr/local/go/src/net/http/h2_bundle.go:4266
net/http.http2ConfigureServer.func1(0x40439ce000, 0x40479f7888, {0x4768a20, 0x4045679b20})
	/usr/local/go/src/net/http/h2_bundle.go:4185 +0x100
net/http.(*conn).serve(0x4045563cb0, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2000 +0xfa0
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 41830 [IO wait]:
internal/poll.runtime_pollWait(0x7fff65eac8c8, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4047574000?, 0x4047a30240?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4047574000, {0x4047a30240, 0x240, 0x240})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4047574000, {0x4047a30240?, 0x4047a30240?, 0x5?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x40439ac138, {0x4047a30240?, 0x40468b6548?, 0x8?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x40473960c0, {0x4047a30240?, 0x0?, 0x40473960c0?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40468b6638, {0x4769680, 0x40473960c0})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x40468b6388, {0x47698a0, 0x40439ac138}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x40468b6388, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x40468b6388, {0x4046004200, 0x9, 0x2efad0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
io.ReadAtLeast({0x7fff661a9b48, 0x40468b6388}, {0x4046004200, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x4046004200, 0x9, 0x4047b6b890?}, {0x7fff661a9b48?, 0x40468b6388?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x40460041c0)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2serverConn).readFrames(0x4044ee6c40)
	/usr/local/go/src/net/http/h2_bundle.go:4691 +0x98
created by net/http.(*http2serverConn).serve in goroutine 41811
	/usr/local/go/src/net/http/h2_bundle.go:4804 +0x460

goroutine 41712 [IO wait]:
internal/poll.runtime_pollWait(0x7fff662bd728, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4046ea7980?, 0x4047a30000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4046ea7980, {0x4047a30000, 0x240, 0x240})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4046ea7980, {0x4047a30000?, 0x4044c42a28?, 0x48da0?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x40439ac9a8, {0x4047a30000?, 0x4044c42a78?, 0x48da0?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x4047b503d8, {0x4047a30000?, 0x4043ab36c0?, 0x4047b503d8?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40468b7b38, {0x4769680, 0x4047b503d8})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x40468b7888, {0x47698a0, 0x40439ac9a8}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x40468b7888, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x40468b7888, {0x4046a2e740, 0x9, 0x2efad0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
io.ReadAtLeast({0x7fff661a9b48, 0x40468b7888}, {0x4046a2e740, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x4046a2e740, 0x9, 0x4047b6abd0?}, {0x7fff661a9b48?, 0x40468b7888?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x4046a2e700)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2serverConn).readFrames(0x4047c83500)
	/usr/local/go/src/net/http/h2_bundle.go:4691 +0x98
created by net/http.(*http2serverConn).serve in goroutine 41693
	/usr/local/go/src/net/http/h2_bundle.go:4804 +0x460

goroutine 42172 [IO wait]:
internal/poll.runtime_pollWait(0x7fff65f4b0c8, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4047d8d300?, 0x403241a000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4047d8d300, {0x403241a000, 0x240, 0x240})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4047d8d300, {0x403241a000?, 0x403241a000?, 0x5?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x40001a5270, {0x403241a000?, 0x40475e8548?, 0x8?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x4047b51dd0, {0x403241a000?, 0x0?, 0x4047b51dd0?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40475e8638, {0x4769680, 0x4047b51dd0})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x40475e8388, {0x47698a0, 0x40001a5270}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x40475e8388, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x40475e8388, {0x4046004660, 0x9, 0x2efad0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
io.ReadAtLeast({0x7fff661a9b48, 0x40475e8388}, {0x4046004660, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x4046004660, 0x9, 0x404805d8a0?}, {0x7fff661a9b48?, 0x40475e8388?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x4046004620)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2serverConn).readFrames(0x4044ee7180)
	/usr/local/go/src/net/http/h2_bundle.go:4691 +0x98
created by net/http.(*http2serverConn).serve in goroutine 42239
	/usr/local/go/src/net/http/h2_bundle.go:4804 +0x460

goroutine 32329 [IO wait, 4 minutes]:
internal/poll.runtime_pollWait(0x7fff65eac9e0, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4044aa1400?, 0x404549c100?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4044aa1400, {0x404549c100, 0x580, 0x580})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4044aa1400, {0x404549c100?, 0x40?, 0x17?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4045b47298, {0x404549c100?, 0x0?, 0x47fb?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x40444b7db8, {0x404549c100?, 0x0?, 0x40444b7db8?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40453b0638, {0x4769680, 0x40444b7db8})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x40453b0388, {0x47698a0, 0x4045b47298}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x40453b0388, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x40453b0388, {0x403cab8000, 0x1000, 0x88db0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
net/http.(*connReader).Read(0x4047cfb020, {0x403cab8000, 0x1000, 0x1000})
	/usr/local/go/src/net/http/server.go:798 +0x224
bufio.(*Reader).fill(0x4045bc0f60)
	/usr/local/go/src/bufio/bufio.go:110 +0xf8
bufio.(*Reader).Peek(0x4045bc0f60, 0x4)
	/usr/local/go/src/bufio/bufio.go:148 +0x60
net/http.(*conn).serve(0x404539e120, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2127 +0x634
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 37269 [runnable]:
net/http.(*persistConn).writeLoop(0x404598cea0)
	/usr/local/go/src/net/http/transport.go:2519 +0x9c
created by net/http.(*Transport).dialConn in goroutine 37299
	/usr/local/go/src/net/http/transport.go:1875 +0x1098

goroutine 38220 [IO wait, 2 minutes]:
internal/poll.runtime_pollWait(0x7fff68a1caa8, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4038c26580?, 0x403ce6c900?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4038c26580, {0x403ce6c900, 0x480, 0x480})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4038c26580, {0x403ce6c900?, 0x40?, 0x2b?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x404428ff38, {0x403ce6c900?, 0x0?, 0x1000?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x404227ae58, {0x403ce6c900?, 0x0?, 0x404227ae58?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40456df438, {0x4769680, 0x404227ae58})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x40456df188, {0x47698a0, 0x404428ff38}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x40456df188, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x40456df188, {0x4041770000, 0x1000, 0x88db0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
net/http.(*connReader).Read(0x40480728d0, {0x4041770000, 0x1000, 0x1000})
	/usr/local/go/src/net/http/server.go:798 +0x224
bufio.(*Reader).fill(0x4047f12a20)
	/usr/local/go/src/bufio/bufio.go:110 +0xf8
bufio.(*Reader).Peek(0x4047f12a20, 0x4)
	/usr/local/go/src/bufio/bufio.go:148 +0x60
net/http.(*conn).serve(0x4047fa4090, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2127 +0x634
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 42346 [select]:
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ProxyHTTP.func1()
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:282 +0x64
created by imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ProxyHTTP in goroutine 42263
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:281 +0xe70

goroutine 42345 [chan receive]:
net/http.http2closeWaiter.Wait(...)
	/usr/local/go/src/net/http/h2_bundle.go:3546
net/http.(*http2responseWriter).CloseNotify.func1()
	/usr/local/go/src/net/http/h2_bundle.go:6734 +0x30
created by net/http.(*http2responseWriter).CloseNotify in goroutine 42263
	/usr/local/go/src/net/http/h2_bundle.go:6733 +0x134

goroutine 42239 [select]:
net/http.(*http2serverConn).serve(0x4044ee7180)
	/usr/local/go/src/net/http/h2_bundle.go:4812 +0x6ec
net/http.(*http2Server).serveConn(0x4042bf5740, {0x47be4f8, 0x40475e8388}, 0x4043a99b28, 0x0)
	/usr/local/go/src/net/http/h2_bundle.go:4402 +0x97c
net/http.(*http2Server).ServeConn(...)
	/usr/local/go/src/net/http/h2_bundle.go:4266
net/http.http2ConfigureServer.func1(0x40439ce000, 0x40475e8388, {0x4768a20, 0x4047687ea0})
	/usr/local/go/src/net/http/h2_bundle.go:4185 +0x100
net/http.(*conn).serve(0x40000f94d0, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2000 +0xfa0
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 42344 [runnable]:
net/http.(*persistConn).writeLoop(0x4044999440)
	/usr/local/go/src/net/http/transport.go:2519 +0x9c
created by net/http.(*Transport).dialConn in goroutine 42353
	/usr/local/go/src/net/http/transport.go:1875 +0x1098

goroutine 41822 [IO wait]:
internal/poll.runtime_pollWait(0x7fff662bd3e0, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4047cca300?, 0x4000b11000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4047cca300, {0x4000b11000, 0x4800, 0x4800})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4047cca300, {0x4000b11000?, 0x4000b11000?, 0x5?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4045b46008, {0x4000b11000?, 0x40471901c8?, 0x8?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x4047b50ba0, {0x4000b11000?, 0x0?, 0x4047b50ba0?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40471902b8, {0x4769680, 0x4047b50ba0})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x4047190008, {0x47698a0, 0x4045b46008}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x4047190008, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x4047190008, {0x4000ba4740, 0x9, 0x2efad0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
io.ReadAtLeast({0x7fff661a9b48, 0x4047190008}, {0x4000ba4740, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x4000ba4740, 0x9, 0x40456688d0?}, {0x7fff661a9b48?, 0x4047190008?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x4000ba4700)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2serverConn).readFrames(0x4045456380)
	/usr/local/go/src/net/http/h2_bundle.go:4691 +0x98
created by net/http.(*http2serverConn).serve in goroutine 41842
	/usr/local/go/src/net/http/h2_bundle.go:4804 +0x460

goroutine 32192 [IO wait, 4 minutes]:
internal/poll.runtime_pollWait(0x7fff662bd2c8, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4044aa1280?, 0x4045358c00?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4044aa1280, {0x4045358c00, 0x580, 0x580})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4044aa1280, {0x4045358c00?, 0x40?, 0x11?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4045b47080, {0x4045358c00?, 0x0?, 0x47fb?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x404399e678, {0x4045358c00?, 0x0?, 0x404399e678?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x40458fbeb8, {0x4769680, 0x404399e678})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x40458fbc08, {0x47698a0, 0x4045b47080}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x40458fbc08, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x40458fbc08, {0x4043a58000, 0x1000, 0x88db0?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
net/http.(*connReader).Read(0x4047a932f0, {0x4043a58000, 0x1000, 0x1000})
	/usr/local/go/src/net/http/server.go:798 +0x224
bufio.(*Reader).fill(0x40479d4a20)
	/usr/local/go/src/bufio/bufio.go:110 +0xf8
bufio.(*Reader).Peek(0x40479d4a20, 0x4)
	/usr/local/go/src/bufio/bufio.go:148 +0x60
net/http.(*conn).serve(0x4044f8b950, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2127 +0x634
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 42256 [IO wait]:
internal/poll.runtime_pollWait(0x7fff68a1c300, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4047ccbb00?, 0x4037c0a000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x4047ccbb00, {0x4037c0a000, 0x2000, 0x2000})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x4047ccbb00, {0x4037c0a000?, 0x4037c0a761?, 0x5?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4045b469c8, {0x4037c0a000?, 0x4047191348?, 0x8?})
	/usr/local/go/src/net/net.go:189 +0x34
crypto/tls.(*atLeastReader).Read(0x4047ac7ce0, {0x4037c0a000?, 0x0?, 0x4047ac7ce0?})
	/usr/local/go/src/crypto/tls/conn.go:809 +0x40
bytes.(*Buffer).ReadFrom(0x4047191438, {0x4769680, 0x4047ac7ce0})
	/usr/local/go/src/bytes/buffer.go:211 +0x90
crypto/tls.(*Conn).readFromUntil(0x4047191188, {0x47698a0, 0x4045b469c8}, 0x0?)
	/usr/local/go/src/crypto/tls/conn.go:831 +0xd0
crypto/tls.(*Conn).readRecordOrCCS(0x4047191188, 0x0)
	/usr/local/go/src/crypto/tls/conn.go:629 +0x35c
crypto/tls.(*Conn).readRecord(...)
	/usr/local/go/src/crypto/tls/conn.go:591
crypto/tls.(*Conn).Read(0x4047191188, {0x4036573000, 0x1000, 0x4047191188?})
	/usr/local/go/src/crypto/tls/conn.go:1385 +0x164
bufio.(*Reader).Read(0x4043dffce0, {0x4047b44580, 0x9, 0x308cb8?})
	/usr/local/go/src/bufio/bufio.go:241 +0x1b4
io.ReadAtLeast({0x4768660, 0x4043dffce0}, {0x4047b44580, 0x9, 0x9}, 0x9)
	/usr/local/go/src/io/io.go:335 +0xa0
io.ReadFull(...)
	/usr/local/go/src/io/io.go:354
net/http.http2readFrameHeader({0x4047b44580, 0x9, 0x40441e9f50?}, {0x4768660?, 0x4043dffce0?})
	/usr/local/go/src/net/http/h2_bundle.go:1642 +0x58
net/http.(*http2Framer).ReadFrame(0x4047b44540)
	/usr/local/go/src/net/http/h2_bundle.go:1909 +0x78
net/http.(*http2clientConnReadLoop).run(0x404534ef98)
	/usr/local/go/src/net/http/h2_bundle.go:9496 +0xd0
net/http.(*http2ClientConn).readLoop(0x4043f62480)
	/usr/local/go/src/net/http/h2_bundle.go:9392 +0x78
created by net/http.(*http2Transport).newClientConn in goroutine 42255
	/usr/local/go/src/net/http/h2_bundle.go:8006 +0xae0

goroutine 32263 [IO wait, 4 minutes]:
internal/poll.runtime_pollWait(0x7fff65f4c360, 0x77)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x40453fa280?, 0x40449ffbbb?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitWrite(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:93
internal/poll.(*FD).Write(0x40453fa280, {0x40449fe800, 0x302e, 0x4800})
	/usr/local/go/src/internal/poll/fd_unix.go:397 +0x260
net.(*netFD).Write(0x40453fa280, {0x40449fe800?, 0x4043b5ae38?, 0x261bc8?})
	/usr/local/go/src/net/fd_posix.go:96 +0x28
net.(*conn).Write(0x4044dade00, {0x40449fe800?, 0x404597cce0?, 0x99ef0?})
	/usr/local/go/src/net/net.go:201 +0x34
crypto/tls.(*Conn).write(0x404597ca88, {0x40449fe800?, 0x5?, 0x4800?})
	/usr/local/go/src/crypto/tls/conn.go:948 +0x100
crypto/tls.(*Conn).writeRecordLocked(0x404597ca88, 0x17, {0x404582cffa, 0x3018, 0xf006})
	/usr/local/go/src/crypto/tls/conn.go:1029 +0x514
crypto/tls.(*Conn).Write(0x404597ca88, {0x404582cffa, 0x3018, 0xf006})
	/usr/local/go/src/crypto/tls/conn.go:1248 +0x344
net/http.checkConnErrorWriter.Write({0x4000e8c540?}, {0x404582cffa?, 0x4?, 0x4043b5b1c8?})
	/usr/local/go/src/net/http/server.go:3872 +0x34
bufio.(*Writer).Write(0x4000e8c540, {0x404582c000?, 0x2e5ff97?, 0x4?})
	/usr/local/go/src/bufio/bufio.go:679 +0xec
net/http.(*chunkWriter).Write(0x40438ff460, {0x404582c000, 0x4012, 0x10000})
	/usr/local/go/src/net/http/server.go:389 +0x10c
bufio.(*Writer).Write(0x4044424180, {0x404582c000?, 0x4043b5b2d8?, 0x32f23c?})
	/usr/local/go/src/bufio/bufio.go:679 +0xec
net/http.(*response).write(0x40438ff420, 0x4012, {0x404582c000, 0x4012, 0x10000}, {0x0, 0x0})
	/usr/local/go/src/net/http/server.go:1702 +0x244
net/http.(*response).Write(0xb59fb19136f11?, {0x404582c000?, 0x404582c000?, 0x4012?})
	/usr/local/go/src/net/http/server.go:1665 +0x38
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*maxLatencyWriter).Write(0x40457b4700, {0x404582c000?, 0x10000?, 0x10000?})
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/maxLatencyWriter.go:30 +0xe8
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).copyBuffer(0x40459f1ae0, {0x4769d60, 0x40457b4700}, {0x47685a0, 0x40457b46c0}, {0x0?, 0x40456b6998?, 0xc?})
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:235 +0x1d8
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).copyResponse(0x40459f1ae0, {0x47ac260, 0x40438ff420}, {0x47685a0, 0x40457b46c0}, 0xffffffffffffffff)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:216 +0xf0
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ProxyHTTP(0x40459f1ae0, {0x47ac260, 0x40438ff420}, 0x404556ea00, 0x4043b5b940)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:417 +0xac4
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ServeHTTP(0x404557e9c4?, {0x47ac260?, 0x40438ff420?}, 0x2e?, 0x4043b5b818?)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:504 +0x74
imuslab.com/zoraxy/mod/dynamicproxy/loadbalance.(*Upstream).ServeHTTP(0x4043b5b9d0?, {0x47ac260?, 0x40438ff420?}, 0x0?, 0x4045794940?)
	/opt/zoraxy/source/mod/dynamicproxy/loadbalance/upstream.go:71 +0x5c
imuslab.com/zoraxy/mod/dynamicproxy.(*ProxyHandler).hostRequest(0x4000c06628, {0x47ac260, 0x40438ff420}, 0x404556ea00, 0x404407d540)
	/opt/zoraxy/source/mod/dynamicproxy/proxyRequestHandler.go:175 +0x48c
imuslab.com/zoraxy/mod/dynamicproxy.(*ProxyHandler).ServeHTTP(0x4000c06628, {0x47ac260, 0x40438ff420}, 0x404556ea00)
	/opt/zoraxy/source/mod/dynamicproxy/Server.go:122 +0x590
net/http.serverHandler.ServeHTTP({0x4047833110?}, {0x47ac260?, 0x40438ff420?}, 0x6?)
	/usr/local/go/src/net/http/server.go:3210 +0xbc
net/http.(*conn).serve(0x40450cd560, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2092 +0x4fc
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 32401 [IO wait, 4 minutes]:
internal/poll.runtime_pollWait(0x7fff65f4b1e0, 0x77)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x4044aa1600?, 0x4043d62ef7?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitWrite(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:93
internal/poll.(*FD).Write(0x4044aa1600, {0x4043d62000, 0x3021, 0x5000})
	/usr/local/go/src/internal/poll/fd_unix.go:397 +0x260
net.(*netFD).Write(0x4044aa1600, {0x4043d62000?, 0x4042246e38?, 0x261bc8?})
	/usr/local/go/src/net/fd_posix.go:96 +0x28
net.(*conn).Write(0x4045b472b0, {0x4043d62000?, 0x40453b0960?, 0x99ef0?})
	/usr/local/go/src/net/net.go:201 +0x34
crypto/tls.(*Conn).write(0x40453b0708, {0x4043d62000?, 0x5?, 0x5000?})
	/usr/local/go/src/crypto/tls/conn.go:948 +0x100
crypto/tls.(*Conn).writeRecordLocked(0x40453b0708, 0x17, {0x404570effa, 0x300b, 0xf006})
	/usr/local/go/src/crypto/tls/conn.go:1029 +0x514
crypto/tls.(*Conn).Write(0x40453b0708, {0x404570effa, 0x300b, 0xf006})
	/usr/local/go/src/crypto/tls/conn.go:1248 +0x344
net/http.checkConnErrorWriter.Write({0x404640fe80?}, {0x404570effa?, 0x4?, 0x40422471c8?})
	/usr/local/go/src/net/http/server.go:3872 +0x34
bufio.(*Writer).Write(0x404640fe80, {0x404570e000?, 0x2e5ff97?, 0x4?})
	/usr/local/go/src/bufio/bufio.go:679 +0xec
net/http.(*chunkWriter).Write(0x4045d7d000, {0x404570e000, 0x4005, 0x10000})
	/usr/local/go/src/net/http/server.go:389 +0x10c
bufio.(*Writer).Write(0x4044150900, {0x404570e000?, 0x40422472d8?, 0x32f23c?})
	/usr/local/go/src/bufio/bufio.go:679 +0xec
net/http.(*response).write(0x4045d7cfc0, 0x4005, {0x404570e000, 0x4005, 0x10000}, {0x0, 0x0})
	/usr/local/go/src/net/http/server.go:1702 +0x244
net/http.(*response).Write(0xb59fb087fb8a0?, {0x404570e000?, 0x404570e000?, 0x4005?})
	/usr/local/go/src/net/http/server.go:1665 +0x38
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*maxLatencyWriter).Write(0x4045c64dc0, {0x404570e000?, 0x10000?, 0x10000?})
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/maxLatencyWriter.go:30 +0xe8
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).copyBuffer(0x40459f1ae0, {0x4769d60, 0x4045c64dc0}, {0x47685a0, 0x4045c64d40}, {0x0?, 0x40454d5a20?, 0xc?})
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:235 +0x1d8
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).copyResponse(0x40459f1ae0, {0x47ac260, 0x4045d7cfc0}, {0x47685a0, 0x4045c64d40}, 0xffffffffffffffff)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:216 +0xf0
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ProxyHTTP(0x40459f1ae0, {0x47ac260, 0x4045d7cfc0}, 0x4045633900, 0x4042247940)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:417 +0xac4
imuslab.com/zoraxy/mod/dynamicproxy/dpcore.(*ReverseProxy).ServeHTTP(0x404565f384?, {0x47ac260?, 0x4045d7cfc0?}, 0x2e?, 0x4042247818?)
	/opt/zoraxy/source/mod/dynamicproxy/dpcore/dpcore.go:504 +0x74
imuslab.com/zoraxy/mod/dynamicproxy/loadbalance.(*Upstream).ServeHTTP(0x40422479d0?, {0x47ac260?, 0x4045d7cfc0?}, 0x0?, 0x4045794940?)
	/opt/zoraxy/source/mod/dynamicproxy/loadbalance/upstream.go:71 +0x5c
imuslab.com/zoraxy/mod/dynamicproxy.(*ProxyHandler).hostRequest(0x4000c06628, {0x47ac260, 0x4045d7cfc0}, 0x4045633900, 0x404407d540)
	/opt/zoraxy/source/mod/dynamicproxy/proxyRequestHandler.go:175 +0x48c
imuslab.com/zoraxy/mod/dynamicproxy.(*ProxyHandler).ServeHTTP(0x4000c06628, {0x47ac260, 0x4045d7cfc0}, 0x4045633900)
	/opt/zoraxy/source/mod/dynamicproxy/Server.go:122 +0x590
net/http.serverHandler.ServeHTTP({0x4047cfb8f0?}, {0x47ac260?, 0x4045d7cfc0?}, 0x6?)
	/usr/local/go/src/net/http/server.go:3210 +0xbc
net/http.(*conn).serve(0x404539e7e0, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2092 +0x4fc
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc

goroutine 38435 [IO wait, 2 minutes]:
internal/poll.runtime_pollWait(0x7fff65f4bbb8, 0x72)
	/usr/local/go/src/runtime/netpoll.go:351 +0xa0
internal/poll.(*pollDesc).wait(0x40001cb180?, 0x40451f9000?, 0x0)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x28
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0x40001cb180, {0x40451f9000, 0x1000, 0x1000})
	/usr/local/go/src/internal/poll/fd_unix.go:165 +0x1fc
net.(*netFD).Read(0x40001cb180, {0x40451f9000?, 0x47682c0?, 0x237efa0?})
	/usr/local/go/src/net/fd_posix.go:55 +0x28
net.(*conn).Read(0x4044758320, {0x40451f9000?, 0x404434fcb8?, 0x213b4?})
	/usr/local/go/src/net/net.go:189 +0x34
net/http.(*persistConn).Read(0x4044f02d80, {0x40451f9000?, 0x252b440?, 0x404399c600?})
	/usr/local/go/src/net/http/transport.go:2052 +0x50
bufio.(*Reader).fill(0x4045e7e360)
	/usr/local/go/src/bufio/bufio.go:110 +0xf8
bufio.(*Reader).Peek(0x4045e7e360, 0x1)
	/usr/local/go/src/bufio/bufio.go:148 +0x60
net/http.(*persistConn).readLoop(0x4044f02d80)
	/usr/local/go/src/net/http/transport.go:2205 +0x138
created by net/http.(*Transport).dialConn in goroutine 38433
	/usr/local/go/src/net/http/transport.go:1874 +0x1050

goroutine 41693 [select]:
net/http.(*http2serverConn).serve(0x4047c83500)
	/usr/local/go/src/net/http/h2_bundle.go:4812 +0x6ec
net/http.(*http2Server).serveConn(0x4042bf5740, {0x47be4f8, 0x40468b7888}, 0x4047b77b28, 0x0)
	/usr/local/go/src/net/http/h2_bundle.go:4402 +0x97c
net/http.(*http2Server).ServeConn(...)
	/usr/local/go/src/net/http/h2_bundle.go:4266
net/http.http2ConfigureServer.func1(0x40439ce000, 0x40468b7888, {0x4768a20, 0x40478d6c40})
	/usr/local/go/src/net/http/h2_bundle.go:4185 +0x100
net/http.(*conn).serve(0x4047a006c0, {0x47b0178, 0x4043a9dbc0})
	/usr/local/go/src/net/http/server.go:2000 +0xfa0
created by net/http.(*Server).Serve in goroutine 27
	/usr/local/go/src/net/http/server.go:3360 +0x3dc
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
CA certificates updated
ln: failed to create symbolic link '/var/lib/zerotier-one/zerotier': File exists
ZeroTier daemon started
Starting Zoraxy...
Checking required config update
[2024-11-24 16:32:13.348856] [auth] [system:info] Authentication session key loaded from database
[2024-11-24 16:32:16.280477] [static-webserv] [system:info] Static Web Server started. Listeing on :5487
2024/11/24 16:32:16 Environment variable ZT_AUTH not defined. Trying to load authtoken from file.
2024/11/24 16:32:16 Zerotier authkey loaded
[2024-11-24 16:32:16.300103] [internal] [system:info] Starting ACME handler
[2024-11-24 16:32:16.300275] [cert-renew] [system:info] ACME early renew set to 30 days and check interval set to 86400 seconds
[2024-11-24 16:32:17.302023] [internal] [system:info] Serving inbound port 443
[2024-11-24 16:32:17.302043] [internal] [system:info] TLS mode enabled. Serving proxy request with TLS
[2024-11-24 16:32:17.302066] [internal] [system:info] Development mode enabled. Using no-store Cache Control policy
[2024-11-24 16:32:17.302027] [internal] [system:info] Force latest TLS mode disabled. Minimum TLS version is set to v1.0
[2024-11-24 16:32:17.302091] [internal] [system:info] Port 80 listener enabled
[2024-11-24 16:32:17.302101] [internal] [system:info] Force HTTPS mode enabled
[2024-11-24 16:32:17.303058] [proxy-config] [system:info] caldav.XXX.com -> 192.168.178.3:5001 routing rule loaded
[2024-11-24 16:32:17.303268] [proxy-config] [system:info] dashy.XXX.com -> 192.168.178.2:8088 routing rule loaded
[2024-11-24 16:32:17.303455] [proxy-config] [system:info] dashy.XXX.de -> 172.17.0.1:8088 routing rule loaded
[2024-11-24 16:32:17.303665] [proxy-config] [system:info] goty.XXX.com -> 172.17.0.1:8097 routing rule loaded
[2024-11-24 16:32:17.303883] [proxy-config] [system:info] goty.XXX.de -> 172.17.0.1:8097 routing rule loaded
[2024-11-24 16:32:17.304073] [proxy-config] [system:info] nas.XXX.com -> 192.168.178.3:5000 routing rule loaded
[2024-11-24 16:32:17.304297] [proxy-config] [system:info] nas.XXX.de -> 192.168.178.3:5000 routing rule loaded
[2024-11-24 16:32:17.304489] [proxy-config] [system:info] nc.XXX.com -> 192.168.178.2:11000 routing rule loaded
[2024-11-24 16:32:17.304693] [proxy-config] [system:info] pihole.XXX.com -> 192.168.178.2:8083/admin routing rule loaded
[2024-11-24 16:32:17.304907] [proxy-config] [system:info] pihole.XXX.de -> 192.168.178.2:8083/admin  routing rule loaded
[2024-11-24 16:32:17.305118] [proxy-config] [system:info] portainer.XXX.com -> 172.17.0.1:9443 routing rule loaded
[2024-11-24 16:32:17.305330] [proxy-config] [system:info] portainer.XXX.de -> 172.17.0.1:9443 routing rule loaded
[2024-11-24 16:32:17.305492] [proxy-config] [system:info] / -> 127.0.0.1:5487 routing rule loaded
[2024-11-24 16:32:17.305593] [proxy-config] [system:info] sso.XXX.com -> 192.168.178.11:9442 routing rule loaded
[2024-11-24 16:32:17.305656] [proxy-config] [system:info] sso.XXX.de -> 192.168.178.11:9442 routing rule loaded
[2024-11-24 16:32:17.305665] [proxy-config] [system:info] vault.XXX.com -> 192.168.178.2:8085 routing rule loaded
[2024-11-24 16:32:17.305658] [proxy-config] [system:info] test.XXX.com -> 127.0.0.1 routing rule loaded
[2024-11-24 16:32:17.305847] [proxy-config] [system:info] vault.XXX.de -> 192.168.178.2:8085 routing rule loaded
[2024-11-24 16:32:17.306092] [proxy-config] [system:info] wiki.XXX.com -> 192.168.178.2:8087 routing rule loaded
[2024-11-24 16:32:17.306303] [proxy-config] [system:info] wikijs.XXX.de -> 172.17.0.1:8087 routing rule loaded
[2024-11-24 16:32:17.306551] [proxy-config] [system:info] zoraxy.XXX.de -> 172.17.0.1:8001 routing rule loaded
[2024-11-24 16:32:17.606783] [dprouter] [system:info] Starting HTTP-to-HTTPS redirector (port 80)
[2024-11-24 16:32:17.606857] [dprouter] [system:info] Reverse proxy service started in the background (TLS mode)
[2024-11-24 16:32:17.606874] [internal] [system:info] Dynamic Reverse Proxy service started
[2024-11-24 16:32:17.607976] [uptime-monitor] [system:error] Ping upstream timeout. Assume offline: Get "https://172.17.0.1:8001": EOF
[2024-11-24 16:32:17.803857] [internal] [system:info] Assigned temporary port:43478
[2024-11-24 16:32:17.803880] [internal] [system:info] Zoraxy started. Visit control panel at http://localhost:8000
2024/11/24 16:32:17 http: TLS handshake error from 192.168.178.1:47170: EOF
[2024-11-24 16:32:18.217796] [internal] [system:info] Uptime Monitor background service started
[2024-11-24 16:32:46.282223] [internal] [system:info] mDNS Startup scan completed
2024/11/24 16:32:47 http: TLS handshake error from 192.168.178.1:50214: EOF
2024/11/24 16:33:18 http: TLS handshake error from 192.168.178.1:34566: EOF
[2024-11-24 16:33:18.969738] [ACME] [system:info] Obtaining certificate for: test.XXX.com
[2024-11-24 16:33:18.969940] [ACME] [system:info] Using https://acme-v02.api.letsencrypt.org/directory for CA Directory URL
2024/11/24 16:33:20 [INFO] acme: Registering account for [email protected]
2024/11/24 16:33:22 [INFO] [test.XXX.com] acme: Obtaining bundled SAN certificate
2024/11/24 16:33:22 [INFO] [test.XXX.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/2075100767/434891227727
2024/11/24 16:33:22 [INFO] [test.XXX.com] acme: Could not find solver for: tls-alpn-01
2024/11/24 16:33:22 [INFO] [test.XXX.com] acme: use http-01 solver
2024/11/24 16:33:22 [INFO] [test.XXX.com] acme: Trying to solve HTTP-01
2024/11/24 16:33:25 [INFO] [test.XXX.com] Served key authentication
2024/11/24 16:33:26 [INFO] [test.XXX.com] Served key authentication
2024/11/24 16:33:28 [INFO] [test.XXX.com] Served key authentication
2024/11/24 16:33:29 [INFO] [test.XXX.com] Served key authentication
2024/11/24 16:33:37 [INFO] [test.XXX.com] The server validated our request
2024/11/24 16:33:37 [INFO] [test.XXX.com] acme: Validations succeeded; requesting certificates
2024/11/24 16:33:39 [INFO] [test.XXX.com] Server responded with a certificate.
2024/11/24 16:33:48 http: TLS handshake error from 192.168.178.1:59450: EOF
[2024-11-24 16:33:58.762450] [uptime-monitor] [system:info] Uptime monitor config updated
[2024-11-24 16:34:02.294248] [ACME] [system:info] Obtaining certificate for: test.XXX.de
[2024-11-24 16:34:02.294305] [ACME] [system:info] CA not set. Using default
[2024-11-24 16:34:02.294310] [ACME] [system:info] Using https://acme-v02.api.letsencrypt.org/directory for CA Directory URL
2024/11/24 16:34:04 [INFO] acme: Registering account for [email protected]
2024/11/24 16:34:04 [INFO] [test.XXX.de] acme: Obtaining bundled SAN certificate
2024/11/24 16:34:05 [INFO] [test.XXX.de] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/2075101577/434891446777
2024/11/24 16:34:05 [INFO] [test.XXX.de] acme: Could not find solver for: tls-alpn-01
2024/11/24 16:34:05 [INFO] [test.XXX.de] acme: use http-01 solver
2024/11/24 16:34:05 [INFO] [test.XXX.de] acme: Trying to solve HTTP-01
2024/11/24 16:34:07 [INFO] [test.XXX.de] Served key authentication
2024/11/24 16:34:08 [INFO] [test.XXX.de] Served key authentication
2024/11/24 16:34:09 [INFO] [test.XXX.de] Served key authentication
2024/11/24 16:34:09 [INFO] [test.XXX.de] Served key authentication
2024/11/24 16:34:09 [INFO] [test.XXX.de] Served key authentication
2024/11/24 16:34:11 [INFO] [test.XXX.de] The server validated our request
2024/11/24 16:34:11 [INFO] [test.XXX.de] acme: Validations succeeded; requesting certificates
2024/11/24 16:34:13 [INFO] [test.XXX.de] Server responded with a certificate.
2024/11/24 16:34:18 http: TLS handshake error from 192.168.178.1:56092: EOF
2024/11/24 16:34:48 http: TLS handshake error from 192.168.178.1:36436: EOF
2024/11/24 16:34:54 http: TLS handshake error from 64.227.32.66:38714: read tcp 192.168.144.2:443->64.227.32.66:38714: read: connection reset by peer
2024/11/24 16:34:54 http: TLS handshake error from 64.227.32.66:38724: read tcp 192.168.144.2:443->64.227.32.66:38724: read: connection reset by peer
2024/11/24 16:34:54 http: TLS handshake error from 64.227.32.66:38732: read tcp 192.168.144.2:443->64.227.32.66:38732: read: connection reset by peer
2024/11/24 16:34:54 http: TLS handshake error from 64.227.32.66:38738: tls: client requested unsupported application protocols ([http/0.9 http/1.0 spdy/1 spdy/2 spdy/3 h2c hq])
2024/11/24 16:34:54 http: TLS handshake error from 64.227.32.66:38750: tls: client requested unsupported application protocols ([hq h2c spdy/3 spdy/2 spdy/1 http/1.0 http/0.9])
2024/11/24 16:34:55 http: TLS handshake error from 64.227.32.66:38762: read tcp 192.168.144.2:443->64.227.32.66:38762: read: connection reset by peer
2024/11/24 16:34:55 http: TLS handshake error from 64.227.32.66:38766: read tcp 192.168.144.2:443->64.227.32.66:38766: read: connection reset by peer
2024/11/24 16:34:55 http: TLS handshake error from 64.227.32.66:38772: read tcp 192.168.144.2:443->64.227.32.66:38772: read: connection reset by peer
2024/11/24 16:34:55 http: TLS handshake error from 185.220.101.186:10907: EOF
2024/11/24 16:34:55 http: TLS handshake error from 64.227.32.66:38778: read tcp 192.168.144.2:443->64.227.32.66:38778: read: connection reset by peer
2024/11/24 16:34:55 http: TLS handshake error from 64.227.32.66:38786: read tcp 192.168.144.2:443->64.227.32.66:38786: read: connection reset by peer
2024/11/24 16:35:14 http: TLS handshake error from 80.82.77.202:48660: read tcp 192.168.144.2:443->80.82.77.202:48660: read: connection reset by peer
2024/11/24 16:35:14 http: TLS handshake error from 80.82.77.202:43815: read tcp 192.168.144.2:443->80.82.77.202:43815: read: connection reset by peer
2024/11/24 16:35:15 http: TLS handshake error from 80.82.77.202:42320: read tcp 192.168.144.2:443->80.82.77.202:42320: read: connection reset by peer
2024/11/24 16:35:15 http: TLS handshake error from 80.82.77.202:40507: tls: client requested unsupported application protocols ([http/0.9 http/1.0 spdy/1 spdy/2 spdy/3 h2c hq])
2024/11/24 16:35:15 http: TLS handshake error from 80.82.77.202:36118: tls: client requested unsupported application protocols ([hq h2c spdy/3 spdy/2 spdy/1 http/1.0 http/0.9])
2024/11/24 16:35:16 http: TLS handshake error from 80.82.77.202:29489: read tcp 192.168.144.2:443->80.82.77.202:29489: read: connection reset by peer
2024/11/24 16:35:16 http: TLS handshake error from 80.82.77.202:57322: EOF
2024/11/24 16:35:16 http: TLS handshake error from 80.82.77.202:27615: read tcp 192.168.144.2:443->80.82.77.202:27615: read: connection reset by peer
2024/11/24 16:35:16 http: TLS handshake error from 80.82.77.202:49963: EOF
[2024-11-24 16:35:17.234781] [websocket] [system:error] Couldn't dial to remote backend url wss://192.168.178.11:9442/ws/client/: tls: failed to verify certificate: x509: cannot validate certificate for 192.168.178.11 because it doesn't contain any IP SANs
2024/11/24 16:35:17 http: TLS handshake error from 80.82.77.202:65454: read tcp 192.168.144.2:443->80.82.77.202:65454: read: connection reset by peer
2024/11/24 16:35:18 http: TLS handshake error from 192.168.178.1:49706: EOF
[2024-11-24 16:35:19.519943] [websocket] [system:error] Couldn't dial to remote backend url wss://192.168.178.11:9442/ws/client/: tls: failed to verify certificate: x509: cannot validate certificate for 192.168.178.11 because it doesn't contain any IP SANs
2024/11/24 16:35:48 http: TLS handshake error from 192.168.178.1:39530: EOF
2024/11/24 16:36:18 http: TLS handshake error from 192.168.178.1:52258: EOF
2024/11/24 16:36:48 http: TLS handshake error from 192.168.178.1:59638: EOF
2024/11/24 16:36:57 http: TLS handshake error from 106.75.164.149:54528: EOF
[2024-11-24 16:37:17.606919] [uptime-monitor] [system:info] Uptime updated - 1732462637
2024/11/24 16:37:18 http: TLS handshake error from 192.168.178.1:49124: EOF
`

@PassiveLemon
Copy link
Collaborator

PassiveLemon commented Nov 24, 2024

Thanks, unless other commenters provide evidence otherwise, I'm going to say this is an issue with the CPU architecture. While both Zoraxy and ZeroTier should support and do build on arm64. Unfortunately I can't test that they work without issues since I don't have any arm64 devices, and this is pretty much impossible for me to troubleshoot

@derjasa
Copy link

derjasa commented Nov 25, 2024

Thanks, unless other commenters provide evidence otherwise, I'm going to say this is an issue with the CPU architecture. While both Zoraxy and ZeroTier should support and do build on arm64.

I have the problem on amd64

  • What container arch are you using? (I use amd64)
    amd64

  • What DNS provider and CA are you using for TLS? (I use Cloudflare and Let's Encrypt)
    Azure / Let`s Encrypt

  • Could you now test v3.1.4 and see if you still have this issue?
    I will test it

@tobychui
Copy link
Owner

Thanks, unless other commenters provide evidence otherwise, I'm going to say this is an issue with the CPU architecture. While both Zoraxy and ZeroTier should support and do build on arm64.

I have the problem on amd64

Maybe you can try build from source on your machine? All the zoraxy builds are build with CGO disabled for maximum compatibility. However sometime CGO might be needed and the go compiler should automatically build that for you using go build command. See readme for the build from source instructions.

@derjasa
Copy link

derjasa commented Nov 25, 2024

Maybe you can try build from source on your machine?

Yeah sure! I gonna try to build it from scratch.

@tobychui
Copy link
Owner

I guess this should have been resolved? If yes, I am closing this as completed?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

8 participants