Your redirect from HTTP to HTTPS is broken. Let’s Encrypt follows redirects, so it can’t connect. Notice the Location
header:
osiris@desktop ~ $ telnet doing.fitness 80
Trying 2a03:f80:ed16:ca7:ea75:b12d:294:b3a6...
Connected to doing.fitness.
Escape character is '^]'.
GET / HTTP/1.1
Host: doing.fitness
HTTP/1.1 301 Moved Permanently
Server: nginx/1.11.3
Date: Wed, 28 Dec 2016 10:15:21 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https:///
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.11.3</center>
</body>
</html>