Deploy Ghost Blog on Amazon Cloud Lightsail with CDN enabled

Original link: https://inote.xyz/lightsail-ghost/

Deploy Ghost Blog on Amazon Cloud Lightsail with CDN enabled

Ghost is an excellent open source CMS system, which has long maintained the first place in the open source content management system. Since its launch in 2013, it has maintained rapid growth, especially since version 3.0, its positioning has become clearer, and it provides a technology platform for independent publishers. After the text editing and publishing functions have been improved, a series of practical functions such as membership, subscription, and comments have been launched recently to help creators drain, read, and monetize.

Ghost itself does not charge for open source software, but to deploy it on a server, you need to pay for cloud resource usage. The developers behind Ghost provide one-stop hosting services. Of course, we can also deploy Ghost on our own server. For independent creators, the traffic is generally not large, and they can choose lightweight hosts from domestic manufacturers and Lightsail from Amazon.

Lightsail includes functions such as virtual host, database, DNS hosting, static IP, CDN, etc. It can also deploy common network applications such as Wordpres and Ghost with one click. Great for small and medium developers and casual enthusiasts. As a long-time user of Ghost, iNote also chose to migrate its servers to Lightsail. In order to facilitate the use of enthusiasts with the same needs, the detailed migration process is specially recorded.


  1. Register an Amazon account and switch the language to Chinese in the lower right corner of the Lightsail page for easy operation.
  2. Create an instance, select the instance location based on individual needs, the closer it is to the customer base, the better, choose Ghost image, choose a paid plan, and create an instance.
  3. In the “Networking” on the Lightsail home page, “Create a static IP”, select the region corresponding to the instance, create a static IP address and bind it to the instance.
  4. On the instance details page, add inbound rules in “Networking-IPv4 Firewall”: Allow ports 22, 80, 443, 465, and 587. At this point, the site can already be accessed through the http://ip address.
  5. On the instance details page, download the default key and note the server ip address and username bitnami .
  6. Log in to the system locally using the command line terminal. Refer to the AWS guidelines for details. Take a Mac as an example and use the following command to log in to the server.
 sudo chmod 400 Lightsail-Key.pem
 ssh -i Lightsail-Key.pem [email protected]

We plan to use the Lightsail CDN service with some additional setup.

  1. Bitnami mirrors the default username [email protected] for the Ghost site, and the login password is obtained by the following command.
 cat bitnami_application_password
  1. Obtain the user name and password through 7. Log in to the system at http://ip/ghost , and modify the user name and password under the personal account settings.

  2. Configure the email server to send password changes, member notifications, etc. For details, refer to the Ghost setting up Mailgun guide . Write the key and other information obtained in mailgun into the Ghost configuration file config.production.json .

 cd /opt/bitnami/ghost
 sudo vim config.production.json
 // config.production.json "mail": { "transport": "SMTP", "options": { "service": "Mailgun", "host": "smtp.mailgun.org", "port": 465, "secure": true, "auth": { "user": "[email protected]", "pass": "1234567890" } } },

After configuration, restart Ghost

 sudo /opt/bitnami/ctlscript.sh restart ghost

Configure Mailgun configuration in Ghost backend Setting/Email newsletter. Obtain the Mailgun domain and Mailgun Private API key according to the instructions on the page.

  1. Set up CDN: Select the instance corresponding to the instance as the data source in the “Networking” on the Lightsail homepage, select the instance corresponding to the instance as the data source, select “Best for WordPress” for the cache behavior (aws problem, advanced cache settings cannot be performed in other modes), and select “Do not cache any content” , first keep the default cache behavior, in the advanced cache settings, edit the “headers I specify”, set two new items X-Forwarded-Proto / X-Forwarded-For . Others remain the same.

At this point, change the Ghost background domain name to your own website domain name, and change the server address to http://your.domain.com in config.production.json . First set it to http access, and directly set it to https format, it will fail.

 cd /opt/bitnami/ghost
 sudo vim config.production.json
 // config.production.json "url": "http://your.domain.com",

After configuration, restart Ghost

 sudo /opt/bitnami/ctlscript.sh restart ghost

Set ssl: Edit the Apache configuration, passing the headers set in the CDN.

 sudo vi /opt/bitnami/apache2/conf/httpd.conf

Add RequestHeader set X-Forwarded-Proto "https" in the following location

 <IfModule headers_module> # # Avoid passing HTTP_PROXY environment to CGI's on this or # backend servers which have lingering "httpoxy" defects. # 'Proxy' request header is undefined by the IETF, not list # RequestHeader unset Proxy early RequestHeader set X-Forwarded-Proto "https" </IfModule>

After configuration, restart Ghost

 sudo /opt/bitnami/ctlscript.sh restart ghost
 sudo /opt/bitnami/ctlscript.sh restart apache
  1. Set up a custom domain name. Select “Custom Domain Name” in the CDN configuration of the lightsail background. If there is no SSL certificate, you can directly generate a new SSL certificate. After the domain name ownership verification is successful, enable the custom domain name. And use CNAME to configure the custom domain name to associate with the CDN default domain name. After successful CDN synchronization, site content can be accessed through the default domain and custom domain.

  2. In config.production.json , modify the url configured in 10 to https format to ensure the normal use of functions such as Member and Subscribe.

 cd /opt/bitnami/ghost
 sudo vim config.production.json
 // config.production.json "url": "https://your.domain.com",

After configuration, restart Ghost

 sudo /opt/bitnami/ctlscript.sh restart ghost
  1. The Ghost image version provided by lightsail is 4.44.0. Now Ghost has been upgraded to 5.0. If you want to experience new functions, you can upgrade the system.
 cd /opt/bitnami/ghost
 sudo su ghost -c "ghost update"

The image is V4.44.0, first upgrade to V4.48, and then upgrade to V5.

 sudo su ghost -c "ghost update v4"
 sudo su ghost -c "ghost update v5"

In case of .ghost-cli permissions, fix it as follows

 sudo chmod 777 /opt/bitnami/ghost
 sudo chown -R ghost:ghost /opt/bitnami/ghost/.ghost-cli
 sudo /opt/bitnami/ctlscript.sh restart ghost
 sudo /opt/bitnami/ctlscript.sh restart apache

If you encounter the following upgrade errors

 Knex: run $ npm install mysql --save Cannot find module 'mysql' Require stack:

After executing the following command in the ghost folder, upgrade again

 sudo npm install mysql --force
  1. Migrate old content to the new server. Now the backed up json format content backup is imported in the background, and the pictures can be uploaded to the corresponding content/images folder using the sftp upload tool. When uploading, if you encounter permission problems. Grant the sftp account operation permission.
 cd /opt/bitnami/ghost
 sudo chmod 775 content/images
 sudo chown sftpuser:sftpuser content/images
 sudo /opt/bitnami/ctlscript.sh restart ghost
  1. Test whether the function of publishing articles is normal in the Ghost background, if you encounter

An error occurred.Message: 'EACCES: permission denied, open '/opt/bitnami/ghost/.ghost-cli'' /opt/bitnami/ghost/content/images/2022/09/

You need to grant ghost operation permissions.

 cd /opt/www/ghost
 sudo chmod 777 content/images
 sudo chown -R ghost:ghost content/images
 sudo /opt/bitnami/ctlscript.sh restart
  1. Set up CDN to cache content. In CDN Settings Directory and File Overrides, add the files and paths to be cached, and remove wp-includes and wp-content . In general, the following static resources can be cached.

css|js|jpg|jpeg|gif|ico|png|bmp|pict|csv|doc|pdf|pls|ppt|tif|tiff|eps|ejs|swf|midi|mid|ttf|eot|woff|otf|svg|svgz|webp|docx|xlsx|xls|pptx|ps|class|jar

At this point, the deployment of Ghost on Amazon lightsail is complete.

This article is reprinted from: https://inote.xyz/lightsail-ghost/
This site is for inclusion only, and the copyright belongs to the original author.