How-to: Fine tune your Ghost blog instance

Ok, if you’re new to Ghost and looking for a guide on how to setup an Amazon Linux EC2 (free tier) instance very easily, then go here.

Read on if you’ve done that already and this scenario sounds familiar:

My new blog is great but I want to use port 80, and I want it to start automatically whenever the server reboots.

Every web site serves resources to it’s clients over a port. For http:// websites this is usually port 80, for https:// its usually port 443 and Ghost’s default production port is 2368, as in,http://www.myghostblog.com:2368. Now that we have a working Ghost blog it makes sense that we may want to run it on port 80.

The immediate issue with this is that in Linux you need elevated privileges to use port 80, which means running the Node server using root. There are security risks associated with that, so below is another method to achieve the same thing securely.

We’ll also add a script to our server so that if it reboots the Node server restarts automatically.

Assuming you have your first Ghost instance running successfully on port 2368 there are 2 further steps:

  • Redirect port 80 to port 2368
  • Create the bootup script

Redirect port 80 to 2368

Following the initial setup guide we have one Ghost instance running in our /home/ec2-user/ghost directory on port 2368.

So, from the command line type this:

  • sudo iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 2368This command adds a firewall rule on the server that simply says any traffic for port 80 forward to port 2368, and it needs to be executed as root (hence ‘sudo’). Its forwarding traffic to our default port rather than us having to run Ghost as root to use port 80 – nice.

If you restart your Node server instance you’ll be able to connect on port 80, like, http://www.myblog.com

Create the bootup script

Ok we’re going to kill two birds with one stone here. The script above is only in effect until the next reboot, so as well as starting our Ghost blog (Node server) on boot we’ll also insert this rule.

There are a few ways to do this, using rc.local or a crontab but the best way I found was to use a shell script.

Using the shell script method do the following:

  • sudo vim /etc/profile.d/ghost.sh
  • Add the following code:
    #!/bin/sh
    
    if [ $(ps aux | grep $USER | grep node | grep -v grep | wc -l | tr -s "\n") -eq 0 ]
    then
      sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 2368 >/home/ec2-user/iptables.log 2>&1
      export PATH=/usr/local/bin:$PATH
      export NODE_ENV=production
      cd /home/ec2-user/ghost && forever --spinSleepTime 10000 start index.js >> forever.log 2>&1
    fi

    ..then save and exit. This script runs on boot and does a few things. It adds the iptables rule and logs the output, it adds node’s path to the system path then runs forever to start your blog (and keep it running), and logs any output to forever.log. If you run into issues check out the logs to see what’s going wrong.

Do a reboot and then “forever list” to confirm its running or fire up your blog in the browser.

Next guide I’ll show you How-to: Run multiple Ghost blogs (domains) on one machine¬†on the one Amazon Linux instance! Until then…

Leave a Reply