Skip to content

A shell script to install Ghost blog and Let's Encrypt

License

Notifications You must be signed in to change notification settings

xratzh/GhostBlog_SSL

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

A script to install ghost blog with ssl automatically


中文文档

Recommend to use Ghost on docker

Easy and nice!
Step1,install docker:

curl -sSL https://get.docker.com/ | sh

Step2,install Ghost:

docker run --name ghost \
 -p 127.0.0.1:Yourport:2368 \
 -e url=https://Yourdomain \
 -v /var/www/ghost/content:/var/lib/ghost/content \
 --restart=always \
  -d ghost

There are two editions of Ghost.*plus is the version over 1.0.0.And non-plus is the version bellow 1.0.0.

Firewall settings

ufw

  • For Ubuntu/Debian
apt install ufw
ufw enable
ufw allow 80 && ufw allow 443
ufw reload
  • For CentOS(ufw)
yum install -y ufw
ufw enable
ufw allow 80 && ufw allow 443
ufw reload

Or ipables/fillwlld

  • For CentOS6(iptables for ubuntu/debian as the same)
service iptables start
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -m state --state NEW -m udp -p udp --dport 80 -j ACCEPT
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -m state --state NEW -m udp -p udp --dport 443 -j ACCEPT
service iptables restart
  • For CentOS7
systemctl start firewalld.service
systemctl enable firewalld.service
firewall-cmd --zone=public --add-port=80/tcp --permanent  
firewall-cmd --zone=public --add-port=80/udp --permanent  
firewall-cmd --zone=public --add-port=443/tcp --permanent 
firewall-cmd --zone=public --add-port=443/udp --permanent  
firewall-cmd --reload 

Usage

Usage of *plus

wget --no-check-certificate -O GbSplus.sh https://raw.githubusercontent.com/xratzh/GhostBlog_SSL/master/GbSplus.sh && chmod +x GbSplus.sh && sudo bash GbSplus.sh

Usage of non-plus

wget --no-check-certificate -O GbS.sh https://raw.githubusercontent.com/xratzh/GhostBlog_SSL/master/GbS.sh && chmod +x GbS.sh && sudo bash GbS.sh
  1. Enter your domain(no-www,or you need to edit ghost.conf)
  2. Soon later,Choose 'Y'
  3. Enter your email address

You can do it yourself manually

*plus edition
  • For "apt" get-package based
wget --no-check-certificate -O debplus.sh https://raw.githubusercontent.com/xratzh/GhostBlog_SSL/master/debplus.sh && sudo bash debplus.sh
  • For "yum" get-package based
wget --no-check-certificate -O rpmplus.sh https://raw.githubusercontent.com/xratzh/GhostBlog_SSL/master/rpmplus.sh && sudo bash rpmplus.sh
non-plus edition
  • For "apt" get-package based
wget --no-check-certificate -O deb.sh https://raw.githubusercontent.com/xratzh/GhostBlog_SSL/master/deb.sh && sudo bash deb.sh
  • For "yum" get-package based
wget --no-check-certificate -O rpm.sh https://raw.githubusercontent.com/xratzh/GhostBlog_SSL/master/rpm.sh && sudo bash rpm.sh

Upgrade Ghost Version

*plus update
cd /var/www/ghost && ghost update
non-plus update to 0.11.11
wget --no-check-certificate -O update.sh https://raw.githubusercontent.com/xratzh/GhostBlog_SSL/master/update.sh && sudo bash update.sh
0.11.11 update to 1.0.0 and later

Official migrating guide

Tips

  • In rpm.sh,"sleep 5" in /etc/rc.d/rc.local is to fix "502 bad gateway" in CentOS7 whoes RAM is less than 512MB after reboot(5 seconds later to restart nginx service).The number can be changed,but might not less than 2 seconds.It seems necessary for CentOS7,no matter with CentOS6 and etc. 
  • "ghost.conf" in /etc/nginx/ rewrite www.yourdomain.com to yourdomain.com.If you never need it,you can delete www.${URL} in the yum.sh or deb.sh.
  • In CentOS7,firewalld may should be changed to anable 80 port and 443 port
server {
    listen 80
    server_name ${URL} www.${URL};               #rewrite www.yourdomain.com to yourdomain.com
    location ~ /.well-known {
        root /var/www/ghost;
    }
    location / {
        return 301 https://${URL}\$request_uri;
    }
}
  • Certbot-auto will renew your SSL on the 1st every 2 months.(crontab job)

Packages

*plus
  • curl
  • sqlite3
  • unzip
  • nodejs
  • watchdog
  • nginx
  • certbot-auto
non-plus
  • iptables-persistent(ubuntu)
  • curl
  • sqlite3
  • unzip
  • nodejs
  • forever(or you can use pm2)
  • watchdog
  • nginx
  • certbot-auto

LICENSE  

MIT

About

A shell script to install Ghost blog and Let's Encrypt

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages