There are tons of instructions out there already on how to setup a Ghost blog in several systems. There are bitnami images, Digital Ocean droplets and so on. What I couldn’t find, however, is how to do a secure deployment of Ghost (a nodejs application) on Fedora 19. This means, using systemd for controlling the nodejs process and Apache httpd to handle the requests. Extra points for using a MariaDB database instead of the default sqllite. For now, let’s assume that you have already MariaDB and Apache httpd installed and configured, probably already with some hosts. So, here we go!
This is the easy part. Just download the ZIP file via wget. I also tried clonning the repo and initializing it, but it seems it’s not that easy. Probably the ZIP file got built with some extra steps, so, for now, it’s easier to just get the ZIP.
I guess it’s not necessary to show how to create an user in MariaDB, but here it is:
Once downloaded, we need to extract and install the dependencies.
Now, just change the
/usr/share/ghost/config.js, adapting it to your needs. The MariaDB configuration would look like this:
The reasoning behing the use of
systemd is well explained in this presentation by Ruben Vermeersch. Our service file is very similar to the one he shows, with a couple of tweaks. It should be placed in
[Service] ExecStart=/usr/bin/node /usr/share/ghost/index.js Restart=always StandardOutput=syslog SyslogIdentifier=ghost User=nobody Group=nobody WorkingDirectory=/usr/share/ghost Environment=NODE_ENV=production [Install] WantedBy=multi-user.target
At this point, you can try to start your Ghost application:
# systemctl start ghost
If everything is well, you should see this in your
Oct 16 16:54:06 perere systemd: Starting ghost.service... Oct 16 16:54:06 perere systemd: Started ghost.service. Oct 16 16:54:06 perere ghost: #033[32mGhost is running...#033[39m Oct 16 16:54:06 perere ghost: Your blog is now available on https://blog.kroehling.de #033[90m Oct 16 16:54:06 perere ghost: Ctrl+C to shut down#033[39m
And the missing piece. Also, there’s no secret on this configuration, which should go somewhere into
If you don’t intend to serve your blog via HTTPS, you can safely remove the properties that starts with “SSL”, but I’d highly suggest that you do serve it securely. It costs nothing!