Finally, a Ghost I'm not scared of - Ghost CMS
I've moved this site over from WordPress to Ghost. Find some of my thoughts, comments and feedback; alongside a view of my architecture and setup.
For some years now I have been self-hosting a WordPress instance that ran my personal site. This worked (reasomably) well and was fantastic for customisation due to size of the community and the number of easy-install plugins, themes and add-ons. This is hugely advantageous, but alsso presents a challenge when it comes to keeping a site up-to-date, resource efficent and performant. Different plugins get updated at different times, often causing incompatibilities or delaying the ability to update WordPress core and I have noticed a signficant performance increase over the past year or so.
So, out I went to look for something better. Something easier to manage with all of the "core" functionality I need out of the box. Something that would need less time and effort to patch and something that was FOSS and open with enough extendability that I could make the site work in the way I want. After looking at several different options, I found Ghost.
Deploying Ghost
Ghost has some really cool customisation opportunities available right out of the box. This includes the ability to specify a separate host for the admin console which makes hardening the service really easy. In my wider environment, I use Cloudflare access to segment and control access to individual hosts and services. The ability to separate out the endpoints therefore allows me to route the admin console hostname through Zero Trust/Access, while leaving the user-site publicly exposed.
Ghost also uses MySQL which is an extremely easy DB to configure and get running, I used the standard 'utf8_mb4' encoding and everything got going really easily. One note I did have, is that I had to change the password type to native_mysql rather than one of the more modern password algorithms (this may be something I have configured wrong).
Finally, Ghost's default port configuration uses port 2368. I always use internal networks between my reverse proxy, DBs and app containers, so there isn't any port exposure to worry about here. Just point your proxy (NGINX or Caddy) at http://%container_name%:2368 and you will be away at the races. Be careful to also configure your admin hostname if you have defined one here.
You can see my setup for Ghost below that shows the difference in the routing for admin and service traffic.
Setting it up!
Once you have configured your proxy, you should be able to navigate directly to your service host (presumably at https://hostname.example.com) where Ghost will take you through the admin setup. Configure your account and setup your credentials using the wizard and you will be ready to go in no time!
To login to the admin console navigate to https://admin-url.example.com/ghost. The /ghost is important here, otherwise you can get a 'Cannot GET /' error.
Once you are all configured, you can carry out any additional hardening or configuration as required, such as SMTP or Cloudflare Access rules and then you are ready to start blogging. I'm not going to teach anybody how to suck eggs here, and I think it's a great testament to Ghost's simplicity that I'm confident that you won't need any help.
The one thing I will call out, is that by default, Ghost enables a load of subscription, membership and newsletter functionality. This makes sense given that lots of Ghost's appeal will be to premium content producers, but for many you will want to switch this off. You can do this by disabling 'Newsletter Sending' and setting 'who can subscribe' to nobody per the below.
Closing thoughts,
I have found that I really enjoyed moving over to Ghost, I've found it much easier to manage than my previous WordPress instance and have enjoyed some of the out-of-the-box functiaonoity improvements. The editor and interface are nice and simple, and there is a great selection of pre-made templates and themes.
As with everything, there are some things that aren't perfect. I'd like to see OIDC or SAML integration, better integration with other common services such as Matomo and more customisation options. Some of this may be as a result of coming from WordPress where there are thousands of plugins, but at the same time I also like the simplicity of Ghost as it stands. A tot-up for you individually depending on what you need.
I've been using Ghost for around 18 months now and I've not found myself wanting to move back to WordPress once. All I can suggest is giving it a go and seeing how you get on. Simple to deploy, simple to manage, simple to use.