Error 403 during renewal of certificate

Hi, I have a problem with my Traefik configuration. I have it working for like two months and today I noticed that I can't connect to my website.

Here is error I'm getting

time="2022-05-08T00:28:58+02:00" level=info msg="Starting provider *file.Provider"
time="2022-05-08T00:28:58+02:00" level=info msg="Starting provider *traefik.Provider"
time="2022-05-08T00:28:58+02:00" level=info msg="Starting provider *acme.Provider"
time="2022-05-08T00:28:58+02:00" level=info msg="Testing certificate renew..." providerName=staging.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory"
time="2022-05-08T00:28:58+02:00" level=info msg="Starting provider *acme.ChallengeTLSALPN"
time="2022-05-08T00:28:58+02:00" level=info msg="Starting provider *docker.Provider"
time="2022-05-08T00:28:58+02:00" level=info msg="Starting provider *acme.Provider"
time="2022-05-08T00:28:58+02:00" level=info msg="Testing certificate renew..." ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=production.acme
time="2022-05-08T00:29:58+02:00" level=error msg="Unable to obtain ACME certificate for domains \"home.example.duckdns.org\": unable to generate a certificate for the domains [home.example.duckdns.org]: error: one or more domains had a problem:\n[home.example.duckdns.org] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 178.37.247.206: Invalid response from http://home.example.duckdns.org/.well-known/acme-challenge/G_x2gUe4-Ek-bwK39c2UtCLDteVHIZc5PNcqqp_SJvc: 404\n" routerName=homeassistant@file providerName=staging.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" rule="Host(`home.example.duckdns.org`)"

docker-compose.yml

version: "3.7"
services:
  traefik:
    image: traefik:latest
    container_name: traefik
    environment:
      - TZ=Europe/Warsaw
    ports:
      - '80:80'   
      - '443:443'
      - '8080:8080'
    networks:
      - traefik_default
    volumes:
      - /home/morgan/docker/traefik/config:/etc/traefik
      - /home/morgan/docker/traefik/letsencrypt:/letsencrypt
      - /home/morgan/docker/traefik/logs:/var/log/traefik
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: always
    extra_hosts:
      - host.docker.internal:172.17.0.1

  homeassistant:
    container_name: homeassistant
    image: "homeassistant/home-assistant:latest"
    volumes:
      - /home/morgan/docker/homeassistant:/config
      - /home/morgan/docker/homeassistant/media:/media
      - /etc/localtime:/etc/localtime:ro
    restart: unless-stopped
    privileged: true
    network_mode: host

    environment:
      - PUID=1000
      - PGUID=1000
      - TZ=Europe/Warsaw
    expose:
      - 8123

traefik.yml

global:
  checkNewVersion: true
  sendAnonymousUsage: false  # true by default

log:
  level: INFO  # DEBUG, INFO, WARNING, ERROR, CRITICAL
  format: common  # common, json, logfmt
  filePath: /var/log/traefik/traefik.log

accesslog:
  format: common  # common, json, logfmt
  filePath: /var/log/traefik/access.log

api:
 dashboard: true 
 insecure: true

# Entry Points configuration
# ---
entryPoints:
  web:
    address: :80
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https

  websecure:
    address: :443

certificatesResolvers:
  staging:
    acme:
      email: ******
      storage: /letsencrypt/acme.json
      caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      httpChallenge:
        entryPoint: web

  production:
    acme:
      email: *****
      storage: /letsencrypt/acme.json
      caServer: "https://acme-v02.api.letsencrypt.org/directory"
      httpChallenge:
        entryPoint: web

providers:
  docker: 
    exposedByDefault: false  # Default is true
  file:
    # watch for dynamic configuration changes
    directory: /etc/traefik
    watch: true

tls:
  options:
    default:
      minVersion: VersionTLS13
      sniStrict: true

http:
  middlewares:
    logowanie:
      basicAuth:
        users:
         - "morgan:******"
    secHeaders:
      headers:
        browserXssFilter: true
        contentTypeNosniff: true
        frameDeny: true
        #HSTS Configuration
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15768000        
    secHeaders2:
      headers:
        browserXssFilter: true
        contentTypeNosniff: true
        frameDeny: true
        customFrameOptionsValue: SAMEORIGIN
        referrerPolicy: same-origin
        #sslRedirect: true
        #HSTS Configuration
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15768000
        forceSTSHeader: true
        #sslForceHost: true
        browserXssFilter: true
        customResponseHeaders:
          server: "" # removes "Server" header
          X-Powered-By: "" # Removes X-Powered-By
          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
          #https://securityheaders.com/ is camera+mic enough?
          Permissions-Policy:	camera=('self'), microphone=('self'), autoplay=('self'), payment=(), screen-wake-lock=('self'), geolocation=()
          Feature-Policy:	"camera 'self'; microphone 'self'; payment 'none'; screen-wake-lock 'self'; geolocation 'none'; usb 'none'; vr 'none';"

  routers:
    homeassistant:
      entryPoints:
        - "web"
        - "websecure"
      rule: "Host(`home.example.duckdns.org`)"
      middlewares:
       - secHeaders
      service: homeassistant
      tls:
        certResolver: staging
      
  
  services:
    homeassistant:
      loadBalancer:
        servers:
          - url: "http://192.168.1.200:8123"

HA configuration.yaml

default_config:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 192.168.1.200
    - 172.0.0.0/24

I don't know what the problem might be, this setup was working for two months without any problems. I also have some other containers, but they don't have problems getting certificates (I removed acme.json file and other containers got their certificates only HA is not working). Port 80 and 443 if forwarded on my router