Overview
In my last post, we discussed installing ghost cms on amazon web services. This post is the second part of the previous post. Here we’ll discuss how to use a custom domain and integrate let’s encrypt SSL in ghost CMS.
Make sure you read the part to understand setting up EC2 and installing ghost. on amazon web services.
Read here – Install ghost cms on AWS.
As of now, we have successfully installed ghost CMS on Amazone EC2 instance. And we were using an EC2 Ip address to access the blog. However, nobody will like to enter an IP address to access a website. So, here we’ll map the ghost blog to our third-party domain.
We’ll be using amazon Route53 network service to use DNS manager. So, let’s get started.
Login into AWS and navigate to Route53
Continue reading for how to use a custom domain and let’s encrypt SSL in ghost installation on AWS.
Here you need to create a new hosted zone. A hosted zone is a DNS centre considered to be a normal shared hosting plan. Once the hosting zone has been created you need to create records in it.
Here, two records are automatically get created when you create a hosted zone. Namely, NS and SOA records. So, you need to create two additional records by clicking the create recordset button. For the first record, leave the name empty and paste the IP Address of your instance in the value section. (Get the IP from instance details).
For the second record set, you need to put *(asterisk) in the name section and paste the IP address in the value section. Now we have completed our task in Route 53. Coming next, access your domain registrar’s DNS section and update the name server details as given in the NS records.
eg:
Yes! we have successfully mapped the third-party domain to AWS Route53. So, from now on Route53 will resolve the IP address for traffic to the EC2 instance. This DNS propagation may take some time as in my case it took almost 20 mins.
Coming to the next step,
Step 2: Setting up SSL in ghost blog
As per Google, an SSL certificate is mandatory for all websites from 2019. Google will display the website as non-secure if you fail to install an SSL certificate. So, here we’ll secure the ghost installation using a free SSL that is valid for a lifetime. Here we will be using an ACPE client called Certbot to get certificates. Using services such as Certbot made SSL installation ridiculously easy in Apache or Nginx-based web servers.
Follow the steps to install SSL on the ghost blog,
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
And install Certbot using,
sudo apt-get install certbot python-certbot-nginx
After successful installation run this command,
sudo certbot --nginx #apache if you are using apache
This will ask you some series of questions like email, which domain you want to install etc. Follow the instructions and Certbot will install and redirect all traffic to HTTPS.
So as far now, we have completed mapping the domain to Route53 and installing SSL. Now access the instance in a terminal and edit the following file.
$ sudo nano /var/www/blog/config.production.json
#update the blog url to https://your-domain.com
Finally, we have successfully installed and activated the ghost blog with SSL and mapped our personal domain. In order to work HTTPS, you need to add an additional rule in your security group on the AWS EC2 instance. Open AWS and navigate to security groups. Find the security group related to the particular EC2 instance.
#and add a new inbound rule
HTTPS TCP 443 0.0.0.0/0
After adding the new rule you can access your blog at https://your-domain.com.
Conclusion
In conclusion, we have installed the ghost blog on the amazon web server mapped the third-party domain to the blog and installed a free SSL from Certbot. I hope you enjoyed and learned from Installing ghost CMS on amazon web services. If so, feel free to share and comments your views below in the comments section.
Pingback: Install Ghost CMS on AWS: Powerful alternative to WordPress - Part 1