Trying to set up a server for a program and I can't launch NGINX.

My domain is: abominationsmind.org

I ran this command: sudo certbot --nginx

It produced this output:
Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/abominationsmind.org/fullchain.pem") failed (SSL: error:02001002:sy:fopen('/etc/letsencrypt/live/abominationsmind.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no s
nginx: configuration file /etc/nginx/nginx.conf test failed

The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] BIO_nend.org/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsenm','r') error:2006D080:BIO routines:BIO_new_file:no such file)\nnginx: configuration file /etc/nginx/nginx.conf te
a

My web server is (include version): Google Domain

The operating system my web server runs on is (include version): Debian 10

My hosting provider, if applicable, is: Google Domain

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.13.0

Hi @playin_on,

It looks like the version of the output you pasted is a little garbled, or missing some portions... it might be helpful if you could try that again.

However, the problem here looks like you ran Certbot successfully once, and then deleted all or some of /etc/letsencrypt without removing the references to your original certificates from the nginx configuration. Is that possible? certbot delete doesn't remove references to deleted certificates from web server configurations, even if Certbot originally added them itself.

I have no idea how I would have pulled that off, but I'll take a look at it.

Alrighty, so I wiped the server and started from scratch. After reinstalling everything and doing it all exactly as explained by the guide (Self-Hosting Foundry VTT on a Raspberry Pi - dracoli.ch), I am now receiving this error.

root@raspberrypi:/home/admin# sudo certbot certonly --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/abominationsmind.org/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/abominationsmind.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed

Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] BIO_new_file("/etc/letsencrypt/live/abominationsmind.org/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(\'/etc/letsencrypt/live/abominationsmind.org/fullchain.pem\',\'r\') error:2006D080:BIO routines:BIO_new_file:no such file)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] BIO_new_file("/etc/letsencrypt/live/abominationsmind.org/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(\'/etc/letsencrypt/live/abominationsmind.org/fullchain.pem\',\'r\') error:2006D080:BIO routines:BIO_new_file:no such file)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')

Huh! The guide you followed is a little bit unclear on the exact sequence of steps...

In particular, it says offhandedly to follow Certbot's instructions to get a wildcard certificate, but doesn't emphasize that very much and doesn't specifically say what the certificate should be named. The relevant paragraph is

The Let’s Encrypt docs make it easy to obtain a free SSL certificate. At the time of publishing, RPi OS uses Debian Buster, and we’ll be using Nginx below, so you’ll want to follow the instructions in this link for a wildcard certificate.

In that case you would also need to click on the "wildcard" tab on that instructions page, rather than following the non-wildcard default instructions there, which call for using certbot --nginx. If you succeed in following the wildcard instructions there, it should be possible to pick up again where the tutorial left off.

I'm not clear on why, or whether, a wildcard certificate is really needed. If it's not, it should still be possible to use certbot --nginx instead, except that the nginx configuration that the tutorial offers you assumes that you already have a certificate obtained with Certbot. That creates a chicken-and-egg problem which could be finessed in various ways, but not by literally following the existing tutorial step-by-step.
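The chicken-and-egg condition described above (an nginx configuration that names certificate files Certbot has not issued yet) can be checked before running Certbot. This is an added example, not part of the original thread or the guide; the function name `missing_tls_files` and the `example.test` sandbox paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report nginx TLS file directives that point at missing files,
# the condition behind the "BIO_new_file ... no such file" error in this thread.
# Limits: one directive per line; "include" files are not followed.

missing_tls_files() {
    # $1 = path to an nginx configuration file
    sed -n -E 's/^[[:space:]]*(ssl_certificate|ssl_certificate_key|ssl_trusted_certificate|ssl_dhparam)[[:space:]]+"?([^";]+)"?[[:space:]]*;.*$/\1 \2/p' "$1" |
    while read -r directive path; do
        # nginx -t fails with [emerg] if any of these files cannot be opened
        [ -e "$path" ] || printf '%s %s\n' "$directive" "$path"
    done
}

# Constructed sandbox: a server block that references a certificate that was
# never issued (fullchain.pem absent) next to a key file that does exist.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/live/example.test"
    : > "$d/live/example.test/privkey.pem"
    cat > "$d/site.conf" <<EOF
server {
    listen 443 ssl;
    server_name foundry.example.test;
    # ssl_certificate /old/commented/out.pem;
    ssl_certificate     $d/live/example.test/fullchain.pem;
    ssl_certificate_key $d/live/example.test/privkey.pem;
}
EOF
    missing_tls_files "$d/site.conf" | sed "s|$d|<sandbox>|"
    rm -rf "$d"
}

demo
```

Any line the function prints names a directive that will make `nginx -t` fail, and with it the `--nginx` plugin, until the file exists or the directive is commented out.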

Well, thank you very much for that tip. Sadly, the guide I posted was one of the best ones I could find for the situation.

It's a rather "funny" guide... It indeed links to the Debian Buster with nginx certbot instructions with the text "for a wildcard certificate", but a few moments later it says the following when configuring nginx:

Note : This config uses a subdomain foundry.mysite.com . You’ll have to add any subdomains you use to your A records/DDNS setup

This is rather strange: why does the user of the guide have to add subdomains to the DNS setup? Why couldn't the user add these same subdomains to the certificate without getting a wildcard certificate? Or, alternatively, DNS also supports wildcards, so why not use wildcards in both situations?

This leads me to believe that the guide doesn't actually require a wildcard certificate and, after setting up nginx, could just as easily have used the --nginx plugin to get the required certificate.

I feel like the guide author is combining several different steps that are all correct and reasonable for various circumstances into a single narrative that, unfortunately, doesn't actually work if followed literally in the order in which it's presented.

@playin_on, if you're still having trouble, I'd encourage you to take a look at the Certbot documentation and see if it makes sense to you. Alternatively, maybe you could ask the guide author to fix it up to address these problems (I believe that most people who follow the guide as-is will run into an error in the same place you did!). We can certainly help you get a certificate, but I'm not sure whether it's helpful to encourage you to diverge too widely from the official documentation for the other software you're using—even though that documentation isn't quite consistent in its recommendations about using Certbot.
