How I set up Ghost using Docker containers

I decided that it was time to create the personal project that I already had in mind for quite some time: a blog to record the interesting things I find as a software developer. More than that, I also wanted to learn something out of it, and to have some fun while doing it.

I thought Docker would be ideal to organize the services I need. Simply put, Docker is a tool that allows creating and managing applications inside containers. I ended up having three of them, one for each of the services I needed:

• NGINX, to serve my web pages;
• MySQL, to host my databases;
• Ghost, to manage my content.

Table of Contents

Before starting

First I chose and bought my domain, and my VPS to host the applications. I'm using Vultr as both my VPS and DNS provider.

I obtained an SSL/TLS certificate for my blog to be accessed through HTTPS. For that purpose, I used Certbot to request a certificate from Let's Encrypt for free!

sudo apt install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install certbot
sudo certbot certonly --standalone -d blog.afmonteiro.pt

The certificate is downloaded to the folder /etc/letsencrypt/live/example.com/.

Install Docker

My VPS is running a Linux machine based on Debian, so I used apt to manage my packages, following the official Docker documentation.

1. Install all the necessary packages:

   sudo apt install apt-transport-https ca-certificates curl software-properties-common
   

2. Add Docker's GPG key to authenticate the packages:

   curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 
   

3. Verify the key's fingerprint:

   sudo apt-key fingerprint 0EBFCD88
   

4. Add the stable Docker repository:

   sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
   

5. Update the package index and install Docker Community Edition:

   sudo apt-get update
   sudo apt install docker-ce
   

6. Add your Linux user to the docker group:

   sudo usermod -aG docker $USER
   

7. Download and install the latest version of Docker Compose, and set permissions to run it. I'm running the version 1.24.1, check the releases page for the latest version.

   sudo curl -L https://github.com/docker/compose/releases/download/1.24.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
   sudo chmod +x /usr/local/bin/docker-compose
   

Now that Docker and Docker Compose are installed, the process can continue to its next step - installing the three main components, which will be listed in a single Docker Compose file. For those who don't know Compose, it is described as the following in the official documentation:

Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.

Creating the Docker Compose file

1. Create and change to the directory that will hold all the Docker services:

   mkdir docker && cd docker
   

2. Create an empty file named docker-compose.yml:

   touch docker-compose.yml
   

3. Open docker-compose.yml with your favorite text editor, and paste the following snippet. Replace MY_DOMAIN with your domain, and insert a new database password where MY_DB_PASSWORD appears.

   # docker/docker-compose.yml
   version: '3'
   services:
   
     ghost:
       image: ghost:latest
       restart: always
       depends_on:
         - db
       environment:
         url: MY_DOMAIN
         database__client: mysql
         database__connection__host: db
         database__connection__user: root
         database__connection__password: MY_DB_PASSWORD
         database__connection__database: ghost
       volumes:
         - /opt/ghost_content:/var/lib/ghost/content
   
     db:
       image: mysql:5.7
       restart: always
       environment:
         MYSQL_ROOT_PASSWORD: MY_DB_PASSWORD
       volumes:
         - /opt/ghost_mysql:/var/lib/mysql
   
     nginx:
       build:
         context: ./nginx
         dockerfile: Dockerfile
       restart: always
       depends_on:
         - ghost
       ports:
         - "80:80"
         - "443:443"
       volumes:
          - /etc/letsencrypt/:/etc/letsencrypt/
          - /usr/share/nginx/html:/usr/share/nginx/html
   

4. Docker Compose creates a few Docker bind mounts:

   • /var/lib/ghost/content and /var/lib/mysql inside the containers are mapped to /opt/ghost_content and /opt/ghost_mysql, respectively. These locations will store Ghost and MySQL data.
   • A bind mount for /etc/letsencrypt/ is created for NGINX to access the Lets Encrypt certificates.
   • NGINX also uses a bind mount for /usr/share/nginx/html so that it can access the Let’s Encrypt challenge files that are created when your certificate is renewed.

   Directories should be created if they do not exist already:

   sudo mkdir /opt/ghost_content
   sudo mkdir /opt/ghost_mysql
   sudo mkdir -p /usr/share/nginx/html
   

Create the NGINX Docker Image

1. Create a new directory nginx (inside the previously created directory):

   mkdir nginx
   

2. Create a file named Dockerfile and paste in the following contents:

   # nginx/Dockerfile
   FROM nginx:latest
   
   COPY default.conf /etc/nginx/conf.d
   

3. Create a file named default.conf and paste in the following contents. Replace MY_DOMAIN with your own domain.

   # nginx/default.conf
   server {
     listen 80;
     listen [::]:80;
     server_name MY_DOMAIN;
     # Useful for Let's Encrypt
     location /.well-known/acme-challenge/ { root /usr/share/nginx/html; allow all; }
     location / { return 301 https://$host$request_uri; }
   }
   
   server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
     server_name MY_DOMAIN;
   
     ssl_protocols TLSv1.2;
     ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
     ssl_prefer_server_ciphers on;
     ssl_session_cache shared:SSL:10m;
   
     ssl_certificate     /etc/letsencrypt/live/MY_DOMAIN/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/MY_DOMAIN/privkey.pem;
   
     location / {
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-Proto https;
       proxy_pass http://ghost:2368;
     }
   }
   

Run and test the new blog

When the environment is ready, run docker-compose up -d. This creates a daemon which runs the components in the background. To stop the instances, run the command docker-compose down. These commands should be run inside the folder that contains the Docker Compose file!

The command docker-compose up can be issued without the flag -d so the logs are shown in the console, running Docker Compose in attached state, this being useful for seeing errors if one occurs. To shut down the services in this case, press the combination CTRL-C in your keyboard.

Final thoughts

Docker Compose is an ideal tool for a simple environment in which multiple applications need to be running in parallel and communicating with each other.

Creating an environment using Docker Compose may seem easy, but some unexpected errors may occur to some people. I had some trouble configuring the different components which required me to do some research on the side. Please use this guide at your own discretion, and feel free to leave me a comment if you have any doubt or suggestion.

Source: How to Install Ghost CMS with Docker Compose on Ubuntu 18.04