fixes

oshipka.sh

@@ -67,7 +67,7 @@ init() {
 install_cert() {
   PROJECT_DOMAIN=$1
   sudo apt install certbot
-  sudo certbot certonly --dry-run --authenticator standalone --installer nginx --pre-hook "service nginx stop" --post-hook "service nginx start" --redirect --agree-tos --no-eff-email --email danieltcv@gmail.com -d ${PROJECT_DOMAIN} --no-bootstrap
+  sudo certbot certonly --authenticator standalone --installer nginx --pre-hook "service nginx stop" --post-hook "service nginx start" --redirect --agree-tos --no-eff-email --email danieltcv@gmail.com -d ${PROJECT_DOMAIN} --no-bootstrap
 }
 
 bootstrap() {
@@ -176,7 +176,7 @@ prod_install() {
    echo "Enabling firewall rule for 192.168.1.1 -> 443/tcp..."
    sudo ufw allow proto tcp from 192.168.1.1 to any port 443
    echo "Removing '$PROJECT_NAME' insecure nginx config..."
-   sudo rm "/etc/nginx/sites-available/${DOMAIN}_insecure.conf" "/etc/nginx/sites-enabled/${DOMAIN}.insecure"
+   sudo rm "/etc/nginx/sites-available/${DOMAIN}.insecure" "/etc/nginx/sites-enabled/${DOMAIN}.insecure"
    if [ -f "/etc/nginx/sites-available/${NGINX_CONFIG_FILE}" ]; then
      echo "Nginx config for ${PROJECT_NAME} available."
      if [ -f "/etc/nginx/sites-enabled/${NGINX_CONFIG_FILE}" ]; then
@@ -190,6 +190,13 @@ prod_install() {
        sudo ln -s "/etc/nginx/sites-available/${NGINX_CONFIG_FILE}" "/etc/nginx/sites-enabled/${NGINX_CONFIG_FILE}"
        sudo systemctl reload nginx
    fi
+
+  # PROBLEM : Certificates missing
+  # SOLUTION: rm /etc/ssl/certs/ca-certificates.crt
+  #           sudo update-ca-certificates in virtual environment.
+
+   # PROBLEM: BIO_new_file("/etc/nginx/dhparam.pem") failed
+   # SOLUTION: sudo openssl dhparam -out /etc/nginx/dhparam.pem 2048
 }
 
 model() {