Putting Ghost Blog Admin on SSL Nginx

Published
Last updated

I followed this guide to make a self-signed SSL cert on this server. I put a similar configuration like below for nginx in /etc/nginx/sites-available/ghost.

server {
    listen 80;
    listen [::]:80 ipv6only=on;

    server_name your-domain.com; # Replace with your domain

    location ^~ / {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header Host $http_host;
       proxy_set_header X-NginX-Proxy true;

       proxy_pass http://127.0.0.1:2368;
       proxy_redirect off;
    }

    location ^~ /ghost {
       rewrite ^ https://$http_host$request_uri? permanent;
    }
}

server {
    listen 443 ssl;
    listen [::]:443 ipv6only=on ssl;
    
    server_name your-domain.com; # Replace with your domain

    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

    location ^~ / {
       rewrite ^ http://$http_host$request_uri? permanent;
    }

    location ^~ /ghost {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header Host $http_host;
       proxy_set_header X-NginX-Proxy true;

       proxy_pass http://127.0.0.1:2368;
       proxy_redirect off;
    }
}