Making GoogleAssistant CoachBot

I'm going to make a GoogleAssistant interface to CoachBot...

console https://console.actions.google.com/

docs https://developers.google.com/actions

Note its use of Dialogflow/API.AI.

Apr14'2019 create action

• couldn't get invocation-name CoachBot, settled for Coach Wilson

May05 moving forward.

• this (from Sept'2017!) is the only thing I can find that talks about integrating with your own existing server app.
• creating a "conversation" action using Dialogflow.
• here's the page explaining how to configure "fulfilment" to work via WebHook
  • queryText looks like the raw text entered by user
  • fulfillmentText is a single raw plaintext string that you return, or return fulfillmentMessages as a series of richer elements
  • ooh one element type is card (CardDeck), which can even contain Buttons
  • but just going with list of text bits for now
  • legacy function runs fine locally.
  • made route accept a GET, but can't really submit JSON this way
  • and trying to mimic what Google will POST to it will just be taking something of a guess anyway.
  • so probably best to just deploy and let GoogleAssistant hit it.
  • but is there some good logging to build in? Just did basic input and output lines.

May07 deploy: can I point to it?

• can use only https:// in fulfillment url when "Google Assistant" integration enabled dammit
• I guess I'm going to have to try this
• hmm then do I want to change domain to http://wilsoncoach.app/? I gave up on that because you have to use HTTPS for .app domains.
  • hmm switch to http://CoachWilson.app?
  • May21 settle on http://CoachWilson.net
  • next: update nginx.conf to identify new domain.

May22 update nginx.conf restart, all works. http://CoachWilson.net

• start dealing with CertBot

sudo apt-get update
sudo: unable to resolve host simplest01
Ign http://us.archive.ubuntu.com oneiric InRelease

• edited /etc/hosts
• different possible issues
• upgrade Ubuntu
• CertBot steps now seem to be working
• until sudo add-apt-repository ppa:certbot/certbot -> sudo: add-apt-repository: command not found
• realize the Ubuntu upgrade only took me to 12.04.5 LTS so have to upgrade again
• finish install bits, start actually running CertBot

No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated)  (Enter 'c' to cancel): coachwilson.net fluxent.com
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for coachwilson.net
http-01 challenge for fluxent.com
nginx: [error] invalid PID number "" in "/run/nginx.pid"
Cleaning up challenges
nginx: [error] invalid PID number "" in "/run/nginx.pid"
Encountered exception during recovery: 
Traceback (most recent call last):
...
File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1141, in nginx_restart
    "nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
certbot.errors.MisconfigurationError: nginx restart failed:
b''
b''
nginx restart failed:
b''
b''
IMPORTANT NOTES:
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

Jun02

• trying to restart nginx

/etc/init.d/nginx restart
 * Restarting nginx nginx                                                               [fail] 
root@simplest01:~# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

• uh-oh I think my edits have been in /opt/nginx/conf/nginx.conf
• yep

ps aux | grep nginx
root      1012  0.0  0.0   6008   136 ?        Ss   May22   0:00 nginx: master process /opt/nginx/sbin/nginx

• so why does it smell like the wrong one is running/responding?
• test my file

nginx -c /opt/nginx/conf/nginx.conf -t
nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /opt/nginx/conf/nginx.conf test is successful

• otoh that config was never changed by the CertBot process

-rw-r--r-- 1 root root 4802 May 22 06:52 nginx.conf.20190522
-rw-r--r-- 1 root root 4840 May 22 07:00 nginx.conf

• and neither was the other one!

Jun03

• can't stop nginx except with killall -9 nginx
• then service nginx start
• seems like all the servers are up, which is weird - maybe needed to kill uwsgi?
• because getting 404
• going to kill all those processes - done
• restart wikigraph and wikiflux - still getting 404 - is it using wrong/raw config?
• different wrong nginx?

ps aux | grep nginx
root     15209  0.0  0.5  14932  2476 ?        Ss   07:27   0:00 nginx: master process /usr/sbin/nginx

• kill nginx again
• try service nginx start -c /opt/nginx/conf/nginx.conf
• kill/start wikigraph.net - but http://wikigraph.net/ gives me generic "Welcome to nginx" page
• which config is being used?
• /usr/sbin/nginx -V 2>&1 | grep --colour=auto conf
• response includes: --conf-path=/etc/nginx/nginx.conf
• kill again, try launch /usr/sbin/nginx -c /opt/nginx/conf/nginx.conf
• now everything is running again, restart remaining uwsgi services - all good
• but nothing responds to https - ergo all the CertBot stuff did nothing
  • next - see if there's a way to call CertBox with a specific target nginx.conf

Posted to LiNode community forum.

• which pointed me toward /var/log/letsencrypt/letsencrypt.log

Jun08

• reading /var/log/letsencrypt/letsencrypt.log not very helpful, but manually frankenstein my nginx.conf with pieces from inside there, plus notes from here
• test

nginx -c /opt/nginx/conf/nginx.conf -t
nginx: [emerg] open() "/etc/letsencrypt/le_http_01_cert_challenge.conf" failed (2: No such file or directory) in /opt/nginx/conf/nginx.conf:17
nginx: configuration file /opt/nginx/conf/nginx.conf test failed

• change that line to use include /etc/letsencrypt/options-ssl-nginx.conf - test again

nginx -c /opt/nginx/conf/nginx.conf -t
nginx: [emerg] BIO_new_file("/opt/nginx/conf/cert.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/opt/nginx/conf/cert.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /opt/nginx/conf/nginx.conf test failed

• hmm which .pem file?

:/etc/letsencrypt# find . -name "*.pem"
./ssl-dhparams.pem
./keys/0000_key-certbot.pem - pick this one
./csr/0000_csr-certbot.pem

• edit, test

nginx -c /opt/nginx/conf/nginx.conf -t
nginx: [emerg] PEM_read_bio_X509_AUX("/etc/letsencrypt/keys/0000_key-certbot.pem") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: configuration file /opt/nginx/conf/nginx.conf test failed

• change nginx.conf to use

	ssl_certificate /etc/letsencrypt/csr/0000_csr-certbot.pem;
	ssl_certificate_key /etc/letsencrypt/keys/0000_key-certbot.pem;

• test

nginx -c /opt/nginx/conf/nginx.conf -t
nginx: [emerg] PEM_read_bio_X509_AUX("/etc/letsencrypt/csr/0000_csr-certbot.pem") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: configuration file /opt/nginx/conf/nginx.conf test failed

Jul04'2019 all my LiNode stuff down because server restarted and tried to use that bad nginx.conf. Reverted, so things are back up. But CoachBot never gives an actual response. Probably a domain-redirect/mapping issue...

Jul14'2019 - various times this week trying to get things working, even at the old domain http://www.coachbot.net. But keep getting redirected to FamilyFinancialFuture (one of my other sites served from the same nginx.) Notes at 2019-07-14-WeirdChromeNginxRedirectIssue

• resolved!
• Should I changed my nginx.conf to only use redirect instead of permanent, just for safety?
  • Jul29: made all redirect
  • Aug11: get it working for http://www.coachwilson.net (without SSL)