Easiest CMS Setup with Ghost and Nginx in Docker
3 min read

Easiest CMS Setup with Ghost and Nginx in Docker

Easiest CMS Setup with Ghost and Nginx in Docker

When refurbishing and redesigning my website, I decided to make it really easy for me to manage and maintain. And I don't want to use Wordpress, and preferably something written in Node.js. Along came Ghost, it has been in my radar and I have played around with it; but not in a full-blown project. So this time I went ahead with it.

I this article, I want to show you how to setup Ghost with Nginx in Docker. It should get you up and running in less than 10 minutes.

What is Ghost?

Ghost is an open source, professional publishing platform built on a modern Node.js technology stack — designed for teams who need power, flexibility and performance.


Prerequisite

This tutorial assumes you have some understanding of Nginx and Docker/Docker-compose. A good resource for learning Docker check it out here: https://docs.docker.com/get-started/ . And learn about Nginx here: https://www.nginx.com/resources/wiki/start/

Docker-Compose

We can easily manage docker containers with Docker Compose. Create a file called docker-compose.yml; then we need to configure Ghost and Nginx.

services:
  adooylabs_website:
    image: ghost:latest
    container_name: adooylabs
    restart: unless-stopped
    volumes:
      - ./adooylabs/content:/var/lib/ghost/content:z
    environment:
      - url=https://adooylabs.com
      - NODE_ENV=production

  nginx:
    image: nginx:mainline-alpine
    container_name: nginx
    restart: unless-stopped
    links:
      - adooylabs_website
      - sevenonehundred_website
      - realtorrescue_website
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./nginx:/etc/nginx/conf.d
    command: "/bin/sh -c 'while :; do sleep 24h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"

Reverse Proxy Setup with Nginx

Nginx is not a requirement to run your ghost website, but I want to add SSL Certificates later and redirect all request to https. This will also allow me to host multiple ghost website in one digital ocean instance.

In our docker-compose file we set nginx volume to our nginx config file:

volumes:
      - ./nginx:/etc/nginx/conf.d

Create nginx folder then create `default.conf`:

mkdir nginx && touch default.conf

Finally, we need to add our nginx configurations:

server_tokens off;
server_names_hash_bucket_size  64;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

server {
 listen 80 default_server;
 server_name _;

 return 444;
}

server {
  listen 80;
  server_name adooylabs.com www.adooylabs.com;

  if ($http_user_agent ~* (^w3af.sourceforge.net|masscan|dirbuster|nikto|wpscan|SF|sqlmap|fimap|nessus|whatweb|Openvas|jbrofuzz|libwhisker|webshag)) {
    return 444;
  }

  if ($http_acunetix_product) {
    return 444;
  }
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name adooylabs.com www.adooylabs.com;

  ssl_certificate         /path/to/fullchain.pem;
  ssl_certificate_key     /path/to/privkey.pem;

  if ($http_user_agent ~* (^w3af.sourceforge.net|masscan|dirbuster|nikto|wpscan|SF|sqlmap|fimap|nessus|whatweb|Openvas|jbrofuzz|libwhisker|webshag)) {
    return 444;
  }

  if ($http_acunetix_product) {
    return 444;
  }

  location / {
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-NginX-Proxy true;
    proxy_pass              http://adooylabs_website:2368/;
    proxy_set_header        Host $http_host;
    proxy_ssl_session_reuse off;
    proxy_intercept_errors  on;
    proxy_redirect off;
    proxy_set_header 	      X-Forwarded-Proto $scheme;
    proxy_buffering         off;
  }

  location /.well-known/acme-challenge/ { root /var/www/certbot; }
  client_max_body_size 50M;
}

Fire up your new website!

Now that we have all the config files we need, I think we are ready to fire that baby up. Assuming you already property installed Docker and Docker-Compose in your computer, start it up with this command in your root folder:

docker-command up -d

You should be able to browse to your new website, else check docker logs

Finalize Ghost Setup

Now that you can view you new ghost website. You need to finalize the setup by setting up your admin credentials. Go to yourdomain.com/ghost or localhost/ghost and it should walk you through the final Setup.

What's Next

In the next tutorial, I will show you how to get Free SSL Certificates with Letsencrypt and Add it to your nginx setup.

Enjoying these posts? Subscribe for more