Skip to content

Instantly share code, notes, and snippets.

Last active November 5, 2017 02:19
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save ErisDS/0edb9c2bca72f99b6a428ae9f17cb747 to your computer and use it in GitHub Desktop.
Save ErisDS/0edb9c2bca72f99b6a428ae9f17cb747 to your computer and use it in GitHub Desktop.
Ansible tips for Ghost-Cli TODO: make this a proper repo

This assumes that you have already installed:

  • mariadb/mysql (no example provided)
  • node v6 (see node-install.yml)
  • ghost-cli latest (see ghost-cli-install.yml)
  • nginx (see nginx-install-config.yml)

After that, running install-ghost.yml will:

  • create you a db user (ghost cli may take this over in future)
  • optionally create a record in CloudFlare, if you don't do this, point your domain at the server before running this
  • install ghost with full SSL, which will handle all nginx and letsencrypt setup
- name: Ghost CLI | Install "ghost-cli" node.js package globally.
name: ghost-cli
global: yes
- name: Ghost CLI | Create directory
name: /var/www/ghost
owner: admin
group: admin
state: directory
- name: Install Ghost
hosts: ghost
remote_user: admin
gather_facts: false
become: true
- name: MariaDB | Create ghost database
name: ghost
state: present
# This assumes that the root password is set in /root/.my.cnf
# else add login_password: "{{ mysql_ghost_password }}"
# and pass the password in
- name: MariaDB | Create ghost MySQL user
login_user: root
user: ghost
password: "{{ mysql_ghost_password }}"
host: "{{ item }}"
priv: ghost.*:ALL
state: present
- ::1
- localhost
- name: CloudFlare | Register A record
zone: "{{ base_domain }}"
record: "{{ server_hostname }}"
state: present
type: A
value: "{{ inventory_hostname }}"
proxied: True
solo: True
account_email: "{{ cloudflare_account_email }}"
account_api_token: "{{ cloudflare_api_token }}"
register: record
when: register_cf_record
# Install Ghost without the interactive setup
- name: Ghost | Install Ghost
shell: ghost install --no-setup
chdir: /var/www/ghost
# Setup Ghost - needs to not be interactive
- name: Ghost | Configure & Setup Ghost
shell: "ghost setup --url=https://{{ server_domain }} --db=mysql --dbhost=localhost --dbuser=ghost --dbpass={{ mysql_ghost_password }} --dbname=ghost --sslemail={{ ssl_email }} --start"
chdir: /var/www/ghost
- name: Nginx | Install
name: nginx
state: present
update_cache: yes
# Allow SSH connections over ufw
- name: Nginx | Allow Nginx HTTPS in UFW
rule: allow
name: 'Nginx Full'
- name: Nginx | Ensure default nginx virtual host is removed.
path: /etc/nginx/sites-enabled/default
state: absent
notify: restart nginx
# Set client_max_body_size 50m; in nginx.conf
- name: Nginx | Set client_max_body_size
path: /etc/nginx/nginx.conf
line: "\tclient_max_body_size 50m;"
regexp: "^\tclient_max_body_size"
insertafter: "\ttypes_hash_max_size 2048;"
notify: restart nginx
- stat:
path: /tmp/
register: script
- name: Download the nodesource setup script
dest: /tmp/
when: script.stat.exists == False
- name: Execute the nodesource install script
shell: bash
chdir: /tmp
executable: /bin/bash
when: script.stat.exists == False
- name: Install dependencies
name: "{{ item }}"
state: latest
update_cache: yes
- nodejs
- build-essential
Copy link

jloh commented Jun 22, 2017

Is there a reason you specify a gid/uid for the user/group manually? Generally system users/groups should have a uid under 1000/ above 100.

Defaults taken from /etc/login.defs on an Ubuntu 16.04 system:

# Min/max values for automatic uid selection in useradd
UID_MIN			 1000
UID_MAX			60000
# System accounts
#SYS_UID_MIN		  100
#SYS_UID_MAX		  999

# Min/max values for automatic gid selection in groupadd
GID_MIN			 1000
GID_MAX			60000
# System accounts
#SYS_GID_MIN		  100
#SYS_GID_MAX		  999

Copy link

ErisDS commented Jul 8, 2017

This was a temporary work around, and it was done this way to align with an internal system. You can skip these steps now as Ghost-CLI actually does this for you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment