Commit 7d6142

2025-07-13 20:01:28 Ralph Thesen: Added SELinux hint for Caddy
faq.md ..
@@ 26,7 26,15 @@
For podman please see the [podman troubleshooting guide](https://github.com/containers/podman/blob/main/troubleshooting.md#2-cant-use-volume-mount-get-permission-denied) for more details and instructions.
- In our tests in rocky:9 docker configured the permissions even with setting the `:z` flag, please see the [docker documentation about bind mounts](https://docs.docker.com/engine/storage/bind-mounts/#configure-the-selinux-label) for more details.
+ In our tests in `rocky:9 docker` configured the permissions even with setting the `:z` flag, please see the [docker documentation about bind mounts](https://docs.docker.com/engine/storage/bind-mounts/#configure-the-selinux-label) for more details.
+
+ #### Caddy as reverse proxy provisioning TLS certificates
+
+ In an environment with `SELINUX=enforcing` where Caddy is used as reverse proxy, it was observed that it is necessary to run
+ ```bash
+ setsebool -P httpd_can_network_connect on
+ ```
+ to enable Caddy to connect to the internet in order to provision proper TLS certificates.
## Errors
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9