So, again I have set up a blog. I didn't mean to if I am being honest, I was just playing around with Docker. I had some requirements to try and get this set up -

  1. Use Docker for all web applications I was going to be using.
  2. SSL support via Lets Encrypt/Certbot
  3. Run it on a VPS.

The 3rd point was easy, Normally I use DigitalOcean for this sort of thing, but while setting up an account with $50 credit, It didn't like my bank cards (Monzo and B seem to appear as top-up credit cards/don't work and I didn't want to use one of my main bank cards online.) so I ended up getting free credit at Vultr and quite frankly seems exactly same to DigitalOcean, and within 15 minutes of signing up I had a Ubuntu VM with Docker up and running.

SSH keys in place and domain name pointing in the right direction, I decided to use Portainer as a GUI for Docker, This seems at the moment to work well enough for my needs and it runs in its own container. Super easy install!

Now for the Blog

The first issue I seemed to come across was that nginx was not normally ran in a container or guides assumed I already had an SSL certificate.

I came across Miles McBain's A Fully Dockerised HTTPS Ghost Blog Post and quite frankly it was exactly what I was looking for with my setup.

The only slight changes to docker-compose.yml I made -

  1. Updating the tag to use the latest version of Ghost - Changing image: ghost:1.21.3-alpine to image: ghost:latest
  2. Updating with all my Domain Details/Mailgun (at this point not really checked the mailgun stuff as I have 2FA setup so didn't enter it in to my docker-compose.yml file)
  3. Removing all the rstudio stuff. Don't need or want it.

So my docker-compose.yml file was as follows -

version: '2'
services:

  ghost:
    image: ghost:latest
    restart: always
    environment:
    NODE_ENV: production
    url: https://<Your Domain Here>
    mail__transport: SMTP
    mail__options__service: Mailgun
    mail__options__auth__user: <My Mailgun User>
    mail__options__auth__pass: <My Mailgun Password>
    VIRTUAL_HOST: <Your Domain Here>
    LETSENCRYPT_HOST: <Your Domain Here>
    LETSENCRYPT_EMAIL: <Your Email Here>
    volumes:
      - ~/data/ghost:/var/lib/ghost/content

  nginx-proxy:
    image: jwilder/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/etc/nginx/vhost.d"
      - "/usr/share/nginx/html"
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "/etc/nginx/certs"
 
  letsencrypt-nginx-proxy-companion:
    image: jrcs/letsencrypt-nginx-proxy-companion
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    volumes_from:
      - "nginx-proxy"

After a wee while after uploading and running that in Portainer, just navigating to baconstrip.org.uk pushed me to use HTTPS and I saw the default Ghost install. Then it was a case of adding /ghost to the URL and I started configuring my very own SSL enabled fully docker container-ed blog.