How to install Ghost on Ubuntu 22.04 manually (HawkHost VPS)

Read this if you want a detailed guide to deploy one or more ghost blogs in the same machine using Hawk Host VPS with Ubuntu 22.04 and Node.JS 18.16.0.

Disclaimer!

This guide is almost the same as the official one provided by Ghost (https://ghost.org/docs/install/ubuntu/). I may or may not rephrase certain things to ease the understanding.

I decided to install several Ghost instances in one machine because Digital Ocean is a bit too expensive. Besides Hawk Host has excellent customer service and I've been with them for several years now. It's worth mentioning that Digital Ocean has excellent documentation and that's what convinced me to try their services.

A full guide for installing, configuring and running Ghost on your Ubuntu 16.04, 18.04, 20.04 or 22.04 server, for use in production

Overview

This the official guide for self-hosting Ghost using our recommended stack of Ubuntu 16.04, 18.04, 20.04 or 22.04. If you’re comfortable installing, maintaining and updating your own software, this is the place for you. By the end of this guide you’ll have a fully configured Ghost install running in production using MySQL.

This install is not suitable for local use or contributing to core.

Prerequisites

The officially recommended production installation requires the following stack:

  • Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04 or Ubuntu 22.04
  • NGINX (minimum of 1.9.5 for SSL)
  • A supported version of Node.js
  • MySQL 8
  • Systemd
  • A server with at least 1GB memory (RAM)
  • A registered domain name

Before getting started you should set up a working DNS A-Record from your domain, pointing to the server’s IP address. This must be done in advance so that SSL can be configured during setup.

Create a DNS A-Record on namecheap.com

I have a domain name purchased from namecheap.com and therefore the process described to create a DNS A-Record is specific to this registrar.

Here is the official documentation on how to do that:

How can I set up an A (address) record for my domain? - Domains - Namecheap.com
Learn more about How can I set up an A (address) record for my domain?. Find your answers at Namecheap Knowledge Base.
Namecheap

Server Setup

This part of the guide will ensure all prerequisites are met for installing the Ghost-CLI.

Create a new user

Open up your terminal and login to your new server as the root user:

# Login via SSH
ssh root@your_server_ip

# Create a new user and follow prompts
adduser <user>
Note: Using the user name ghost causes conflicts with the Ghost-CLI, so it’s important to use an alternative name.
# Add user to superuser group to unlock admin privileges
usermod -aG sudo <user>

# Then log in as the new user
su - <user>

Update packages

Ensure package lists and installed packages are up to date.

# Update package lists
sudo apt-get update

# Update installed packages
sudo apt-get upgrade

Follow any prompts to enter the password you just created in the previous step.

Secure the server

The following steps will improve your server's security and will keep you safer against certain types of security breaches.

Change root password

The default root password provided by Hawk Host will change, so take note of that.

# Change root's password
sudo passwd root

Disable root SSH login

You need edit the sshd_config file to look for the variable PermitRootLogin and change it from yes to no then save the file and exit.

# Edit sshd_config file
sudo nano /etc/ssh/sshd_config

# Restart SSHD for changes to take effect
sudo systemctl restart sshd

Configure SSH key access for your user

To enable yourself to authenticate via SSH key you need to generate an SSH key pair.

On your personal computer: Assuming that you are running Linux rather than Windows, run the following commands:

# Go home
cd ~

# Create .ssh folder
mkdir .ssh

# Change its ownership
chown <your_pc_username>:<your_pc_username> .ssh

# Change its mode
chmod 700 .ssh

# Navigate into it
cd .ssh

# Generate an ED25519 key pair in your personal computer
ssh-keygen -t ed25519 -C "ED25519 SSH key pair to connect to my server"

# Print your public key
cat id_ed25519.pub
Note: The above commands are the only ones that have to be executed on your personal computer. From now on everything will be done on your server (VPS).

On your server: Run the following commands.

# Go home
cd ~

# Create .ssh folder
mkdir .ssh

# Change its ownership
chown <user>:<user> .ssh

# Change its mode
chmod 700 .ssh

# Navigate into it
cd .ssh

# Create a file called authorized_keys and add the public key you printed before (the one you generated in your personal computer)
nano authorized_keys

# Change its mode
chmod 600 authorized_keys

# Change its ownership
chown <user>:<user> authorized_keys

Disable password authentication via SSH for any user

Now you need edit the sshd_config file again to look for the variable PasswordAuthentication and change it from yes to no then save the file and exit.

# Edit sshd_config file again
sudo nano /etc/ssh/sshd_config

# Restart SSHD for changes to take effect
sudo systemctl restart sshd
Note: At this point you are no longer able to login via SSH as root or authenticate with a password as any other user. You will need to use your private key to authenticate with the user you created at the beginning like so ssh -i <path_to_private_key> <user>@<server_ip> and provide the passphrase you set for such private key when prompted.

Install NGINX

Ghost uses an NGINX server and the SSL configuration requires NGINX 1.9.5 or higher.

# Install NGINX
sudo apt-get install nginx

If ufw was activated, the firewall allows HTTP and HTTPS connections. Open Firewall:

sudo ufw allow 'Nginx Full'

Install MySQL

Next, you’ll need to install MySQL to be used as the production database.

# Install MySQL
sudo apt-get install mysql-server
Note: by default root user has no password in MySQL (according to the Internet).

I strongly advice you to keep Debian's credentials handy:

# See Debian's credentials
sudo cat /etc/mysql/debian.cnf

Install Node.js

You will need to have a supported version of Node installed system-wide.

# Create a folder for Node.JS
sudo mkdir -p /usr/local/lib/nodejs

# Navigate into it
cd /usr/local/lib/nodejs

# Download the latest Node.JS 18 (18.16.0 is supported by Ghost)
sudo wget https://nodejs.org/dist/latest-v18.x/node-v18.16.0-linux-x64.tar.gz

# Extract the contents of the *.tar.gz
sudo tar -xzvf node-v18.16.0-linux-x64.tar.gz

# Delete the *.tar.gz
sudo rm -f node-v18.16.0-linux-x64.tar.gz

# Create a symbolic link that represents the current Node.JS version
ln -s /usr/local/lib/nodejs/node-v18.16.0-linux-x64/ current-nodejs

# Add this line at the end of your user's .profile file:
# export PATH="/usr/local/lib/nodejs/current-nodejs/bin:$PATH"
nano ~/.profile

# Reload it
source ~/.profile

# Test it
node -v

# Add this line at the end of your root's .profile file:
# export PATH="/usr/local/lib/nodejs/current-nodejs/bin:$PATH"
sudo nano /root/.profile

# Modify the following line as shown on your sudo's file:
# Defaults        secure_path="/usr/local/lib/nodejs/current-nodejs/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
sudo visudo

This method of installing Node.JS will allow you to have control on which is the current one. When updating it, you just need to follow the same process and can even keep old versions to switch between one another to test, believe me, this is easier than installing directly with in Ubuntu.

Alternatively you could use nvm.

Update npm

# Update NPM to version 9.6.5 as adviced by itself
sudo npm install -g npm@9.6.5

Install Ghost-CLI

Ghost-CLI is a commandline tool to help you get Ghost installed and configured for use, quickly and easily. The npm module can be installed with npm or yarn.

sudo npm install ghost-cli@latest -g

Once installed, you can always run ghost help to see a list of available commands.

Install Ghost

Once your server is correctly setup and ghost-cli is installed, you can install Ghost itself. The following steps are the recommended setup. If you need more fine-grained control, the CLI has flags and options that allow you to break down and customise the install steps.

Create a directory

Ghost must be installed in its own directory, with a proper owner and permissions.

# Create directory: Change `sitename` to whatever you like
sudo mkdir -p /var/www/<sitename>

# Set directory owner: Replace <user> with the name of your user
sudo chown <user>:<user> /var/www/<sitename>

# Set the correct permissions
sudo chmod 775 /var/www/<sitename>

# Then navigate into it
cd /var/www/<sitename>

Run the install process

Now we install Ghost with one final command.

ghost install

Install questions

During install, the CLI will ask a number of questions to configure your site.

Blog URL

Enter the exact URL your publication will be available at and include the protocol for HTTP or HTTPS. For example, https://example.com. If you use HTTPS, Ghost-CLI will offer to set up SSL for you. Using IP addresses will cause errors.

MySQL hostname

This determines where your MySQL database can be accessed from. When MySQL is installed on the same server, use localhost (press Enter to use the default value). If MySQL is installed on another server, enter the name manually.

MySQL username / password

If you already have an existing MySQL database, enter the username and password. Otherwise, enter root and when prompted for a password just hit Enter if you haven't changed the default password (remember that by default user root has no password). My advice is that you use the credentials generated for Debian, otherwise you risk running into issues.

Ghost database name

Enter the name of your database. It will be automatically set up for you, unless you’re using a non-root MySQL user/pass. In that case the database must already exist and have the correct permissions.

If you provided your root MySQL user, Ghost-CLI can create a custom MySQL user that can only access/edit your new Ghost database and nothing else.

Sets NGINX up automatically enabling your site to be viewed by the outside world. Setting up NGINX manually is possible, but why would you choose a hard life?

If you used an https Blog URL and have already pointed your domain to the right place, Ghost-CLI can automatically set up SSL for you using Let’s Encrypt. Alternatively you do this later by running ghost setup ssl at any time.

SSL certification setup requires an email address so that you can be kept informed if there is any issue with your certificate, including during renewal.

systemd is the recommended process manager tool to keep Ghost running smoothly. We recommend choosing yes but it’s possible to set up your own process management.

Start Ghost?

Choosing yes runs Ghost, and makes your site work.

Install more than one Ghost instances

On the side of namecheap.com you'll need o add a another DNS A-Record for your new address pointing to the same IP address of your server (like you did the first time).

On your server's side it's as simple as following the same process to install Ghost once again but in another folder inside /var/www/<site_name_2/.

The process will automatically configure everything needed on your server for it to work properly.

Future maintenance

Once Ghost is properly set up it’s important to keep it properly maintained and up to date. Fortunately, this is relatively easy to do using Ghost-CLI. Run ghost help for a list of available commands, or explore the full Ghost-CLI documentation.

What to do if the install fails

If an install goes horribly wrong, use ghost uninstall to remove it and try again. This is preferable to deleting the folder to ensure no artifacts are left behind.

If an install is interrupted or the connection lost, use ghost setup to restart the configuration process.

For troubleshooting and errors, use the site search and FAQ section to find information about common error messages.

What’s next?

You’re all set! Now you can start customizing your site. Check out our range of tutorials or the Ghost API documentation depending on which page of this choose-your-own-adventure experience you’d like to subject yourself to next.

Sources

Read next