Setting up Ghost

I figure it's an obvious place to start, how to create your own blog that no one will visit.

It's not like I really care if you have something to say, my biggest thing is seeing people paying for some wordpress instance with some stupid subdomain like:

You get the point.

Step 1.
Spend $10, open an account on namecheap, buy a domain name if you're serious.

Step 2.
Find some hosting. Don't overpay, just go spin up a host on Vultr or DigitalOcean for cheap. You're not going to get any traffic, because you don't have good engineering practices, and you surely aren't original, and you'll probably NEVER update it with content.

Step 3.
Install Ubuntu. Le Sigh.

99% of the time, if you can go Centos, go Centos. In this case, its just a load easier on Ubuntu.

Step 4.
Install prerequisites

curl -sL | sudo -E bash -
sudo apt-get install -y nodejs mysql-server nginx
sudo npm install -g ghost-cli@latest
adduser ghost
usermod -aG sudo ghost

Step 5.

Setup MySql. Don't overthink this step.


Step 6.
Install Ghost

sudo su - ghost
mkdir -p /opt/<your-site-name-here>
cd /opt/<your-site-name-here>
ghost install
ghost setup nginx

If you messed anything up, vim /opt/<site>/config.production.json

Jump back to root.

Revoke root from ghost. Don't keep your website user in the sudo group.

usermod -G ghost ghost
systemctl ghost_<listening_ip> start

If you don't know what the npm service is called:

ls -lah /etc/systemd/system/

Nginx should be good to go, but it's set to whatever website name you put during install, so before you lose your mind, if your website is called, if you type in (because I know you are using some basic 192 RFC range setting this up at home, AND I guarentee you didn't even give this a static IP), that site isn't going to show up. Instead you'll get some Welcome to nginx! window, and you'll whine and think that shit isn't working, but really it is.

To prove that apt-get install net-tools

netstat -pant | grep -i node - bet its running on the port you defined in the setup.

Edit your hosts file or setup proper DNS if you want to access your site by it's proper name.

Now go off and write about stuff no one cares about.

...and Jesus Christ, remove password authentication for SSH. If your box is web-facing, its getting banged on probably ~2000 times per second. Set up a proper SSH Key before you get owned.

Eventually I will write about setting up AppArmor and SELinux, maybe a quick post about firewalld or iptables. Should be pretty easy to google around and find it. Make sure you are only allowing ports you want to allow.

comments powered by Disqus