FirePress.org | play-with-ghost | GitHub | Twitter

 

ghostfire

What is this?

What is Ghost? — Ghost is an open-source software that lets you create your website with a blog. See the FAQ section for more details. This project makes it run in a Docker image.

Docker image features :

• Multi-stage builds with aggressive optimization
• Security-focused: Non-root user execution with gosu privilege dropping
• Multi-architecture support: linux/amd64, linux/arm64, linux/arm/v7
• Production-ready: config.production.json template with best practices
• Alpine Linux base for minimal attack surface (we don't maintain debian)
• Health checks with curl support
• Labels based on the OpenContainer standard
• Conditional dependencies: Smart installation of sharp and sqlite3
• Enterprise-grade: Optimized for Docker Swarm deployments

We achieve significant size optimization through multi-stage builds and aggressive cleanup:

devmtl/ghostfire:stable                ~320MB (optimized)
ghost:5.x-alpine                       ~380MB (official)

GitHub Actions CI/CD :

• Multi-architecture builds: linux/amd64, linux/arm64, linux/arm/v7
• Comprehensive security scanning: Snyk, Dockle, Trivy vulnerability detection
• Performance testing: Lighthouse audits (localhost and online)
• Quality assurance: Linting using super-linter
• Automated deployment: Continuous deployment to Docker Swarm clusters
• Smart caching: Build cache optimization for faster CI/CD
• Notification system: Slack notifications for build status
• Shared variables: Efficient job coordination and data sharing
• Best practices: Following enterprise DevOps standards
• Extreme visibility: Comprehensive logging and monitoring during builds

Live Demo

Want to try Ghost quickly? This is for you!

play-with-ghost.com is a playground to learn about Ghost. What's remarkable here, is that you have the option to log into the admin panel of each live demo available, by using dummy credentials.

In short, you can try Ghost on the spot without having to sign-up!

Continuous integration

See Github Actions sections

At this point, this docker image has been pulled more than 11 millions of time!

Quick Start

Option #1 (basic run)

GHOSTFIRE_IMG="devmtl/ghostfire:stable"

docker run -d \
  --name ghostblog \
  -p 2368:2368 \
  -e url=http://localhost:2368 \
  ${GHOSTFIRE_IMG}

Option #2 (production with persistent data)

GHOSTFIRE_IMG="devmtl/ghostfire:stable"

docker run -d \
  --name ghostblog \
  -p 2368:2368 \
  -e url=http://localhost:2368 \
  -v /myuser/localpath/ghost/content:/var/lib/ghost/content \
  -v /myuser/localpath/ghost/config.production.json:/var/lib/ghost/config.production.json \
  ${GHOSTFIRE_IMG}

Option #3 (development with health checks)

GHOSTFIRE_IMG="devmtl/ghostfire:stable"

docker run -d \
  --name ghostblog \
  -p 2368:2368 \
  -e url=http://localhost:2368 \
  -e NODE_ENV=development \
  --health-cmd="curl -f http://localhost:2368/ || exit 1" \
  --health-interval=30s \
  --health-timeout=10s \
  --health-retries=3 \
  -v $(pwd)/content:/var/lib/ghost/content \
  ${GHOSTFIRE_IMG}

To configure the config.production.json refer the ghost docs.

master branch (stable) tags 🐳

For the stable branch, I recommend using the tag from the first line:

devmtl/ghostfire:stable_5.120.4_<hash>_<date>
devmtl/ghostfire:stable_5.120.4
devmtl/ghostfire:stable

Find the latest tags on DockerHub here: https://hub.docker.com/r/devmtl/ghostfire/tags/

edge branch (dev) tags 🐳

This is reserved for development and testing.

devmtl/ghostfire:edge_5.120.4_<hash>_<date>
devmtl/ghostfire:edge_5.120.4
devmtl/ghostfire:edge

Architecture & Security

Multi-Stage Build Process

Our Dockerfile uses a sophisticated 4-stage build process:

1. mynode - Base Node.js environment with security tools (gosu, timezone setup)
2. debug - Package version debugging and validation layer
3. builder - Ghost installation and native dependency compilation
4. final - Minimal runtime image with only necessary components

Security Features

• Non-root execution: Runs as node user for enhanced security
• Privilege dropping: Uses gosu for secure step-down from root
• File permissions: Proper ownership and permission management
• Minimal attack surface: Alpine Linux base with aggressive cleanup
• Vulnerability scanning: Integrated security scanning in CI/CD

Volume Management

Critical paths for data persistence:

/var/lib/ghost/content              # All Ghost content, themes, uploads
/var/lib/ghost/config.production.json  # Runtime configuration
/var/lib/ghost/content/logs         # Application logs
/var/lib/ghost/content/data/ghost.db    # SQLite database

DevOps best practices

Let's understand our processes. In this post « How we update hundreds of Ghost's websites on Docker Swarm? », we explain how we deploy Ghost in production and which best practices we do follow.

Enhanced unit tests during the CI

Developing Ghost themes locally

I open-sourced my setup here. It’s a workflow to run Ghost locally within a Docker container. Once your local paths are defined, it’s enjoyable and easy to work between many themes.

Configuration & Database

Database Support

• SQLite (default): Zero-configuration, file-based database at /var/lib/ghost/content/data/ghost.db
• MySQL: Full support with connection configuration in config.production.json

Configuration Management

Ghost configuration is handled via config.production.json with these key areas:

• Database connection: SQLite default or MySQL configuration
• Mail configuration: SMTP/Mailgun templates provided
• Logging: 7-day retention with 5-day rotation
• Content paths: Mapped to /var/lib/ghost/content
• URL configuration: Flexible URL and SSL settings

Version Information

Current Stack:

• Ghost: v5.120.4 (latest stable)
• Node.js: 20.19.2 on Alpine Linux 3.22
• Ghost CLI: v1.27.0

Check versions in running container:

docker exec <container-id> node --version
docker exec <container-id> ghost --version

Migration Notes

Path consistency across versions:

- Ghost 5.x.x: /var/lib/ghost/content ✅ (current)
- Ghost 4.x.x: /var/lib/ghost/content
- Ghost 3.x.x: /var/lib/ghost/content
- Ghost 2.x.x: /var/lib/ghost/content
- Ghost 1.x.x: /var/lib/ghost/content
- Ghost 0.11.x: /var/lib/ghost (deprecated)

FirePress Hosting

At FirePress we empower entrepreneurs and small organizations to create their websites on top of Ghost.

At the moment, our pricing for hosting one Ghost website is $15 (Canadian dollars). This price will be only available for our first 100 new clients, starting May 1st, 2019 🙌. See our pricing section for details.

More details about this announcement on Ghost's forum.

Contributing

The power of communities pull request and forks means that 1 + 1 = 3. You can help to make this repo a better one! Here is how:

1. Fork it
2. Create your feature branch: git checkout -b my-new-feature
3. Commit your changes: git commit -am 'Add some feature'
4. Push to the branch: git push origin my-new-feature
5. Submit a pull request

Check this post for more details: Contributing to our Github project. Also, by contributing you agree to the Contributor Code of Conduct on GitHub. It's plain common sense really.

License

• This git repo is under the MIT license. Find it here.
• The Ghost's software is under the MIT license. Find it here.

Sources & Fork

• This Git repo is available at https://github.com/firepress-org/ghostfire
• Forked from the official Ghost image

Why all this work?

Our mission is to empower freelancers and small organizations to build an outstanding mobile-first website.

Because we believe your website should speak up in your name, we consider our mission completed once your site has become your impresario.

For more info about the man behind the startup, check out my now page. You can also follow me on Twitter @askpascalandy.

— The FirePress Team 🔥📰