Thank you for this fix everyone! I updated my ‘renew-certs.py’, reverted by hosts file and tuned on SSL… all went with my staging droplet and now I have a secure site. Production on the other hand did not complete and I still receive an error.
non-zero return code
nginx: [emerg]
SSL_CTX_use_PrivateKey_file("/etc/nginx/ssl/letsencrypt/site.com.key")
I’m wondering if something is broken on that droplet and if a rebuild and reprovision will fix it.
Back at it again.
Brand new project with latest Trellis here.
I’ve verified all the updates from previous posts above are correct in my Trellis setup.
The only way I’m able to provision a server is with the IP listed in the hosts file. If I put the URL in there and attempt a provision, I get an error after it attempts:
ASK [python_interpreter : Get Ubuntu release] *********************************
System info:
Ansible 2.4.0.0; Darwin
Trellis version (per changelog): "Add Python 2 explicitly"
…
timed out
fatal: [staging.site.com]: UNREACHABLE! => {"changed": false, "unreachable": true}Update:
It actually failed with the unreachable error again when provisioning with the IP listed in the hosts file.
I then attempted to ssh as admin to the IP and it was successful. I changed the IP to the URL in the hosts file and gave it another go and it successfully provisioned this time.
Now, the next problem I have is deploying. It says that my repo can’t be accessed and to verify that it exists. Well, it does exist and it can be accessed because I’ve been pushing to it. It also says permission denied, public key.
I’m able to successfully authenticate with a welcome message from Github.
I’ve tried everything to add my key over and over again: ssh-add -K, etc. It adds my identity fine.
I have other projects that I’m able to deploy to using the same Github account, so this is obviously very frustrating. I’ve been using this stack for some years now and so I’m pretty confident I’ve covered everything I’m aware of to be able to successfully provision and deploy to my droplet.
Ideas welcome, thank you.
This is 100% an SSH forwarding issue — plenty of threads, docs, etc that should be able to hopefully help
If not, there’s always paid support 
I’m gonna close this topic out because what you’re running into isn’t related to the original topic