This role sets up a ghost blog using the official ghost image with podman. It also sets up a MySQL database for the blog.
This role relies on podman being available on the host and the podman_container ansible module in ansible.
To cover the first one, ensure podman is installed on your system. For installation instructions, see the podman installation guide.
To cover the dependencies for the podman_container module, ensure you have the containers.podman Ansible collection installed:
ansible-galaxy collection install containers.podmanghost__host(required, default: localhost): The value of this variable has 2 main uses: it defines the URL for the blog and is also used to define the container's name. The URL will be defined ashttps://{{ ghost__host }}while the container's name is generated by converting the variable's dots to underscores and prependingghost_to it.ghost__version(optional, default: 5.130.5): Ghost's Docker image tag to use in the container. See Ghost image tags in Docker Hub.ghost__base_dir(optional, default: /var/ghost-blog): Folder where to setup the blog's persistent files.ghost__blog_name(optional, default: Ghost Blog): Name to reference a particular instance of the role within Ansible. Doesn't have any semantic effect on the service.ghost__listen_host(optional, default: 127.0.0.1): Address where the container will publish the blog's socket.ghost__listen_port(optional, default: 2368): Port where the container will publish the blog's port.ghost__configs(optional, default: {}): Dictionary of configurations to be passed to the container as environmental variables. See Ghost's Configuration Docs for all the possible values and specifically Ghost's environment variable configuration guide on how to convert the keys into environmental variables.ghost__mysql_root_password(required): Root password for the MySQL container.ghost__mysql_password(required): Password for the Ghost database user.ghost__mysql_version(optional, default: 8.4.7): MySQL image tag to use.ghost__mysql_user(optional, default: ghost): Username for the Ghost database.ghost__mysql_database(optional, default: ghost): Name of the Ghost database.ghost__network_name(optional, default: net<ghost__host>_): Name of the Podman network to be created and used by the container. The network's name is generated by converting the variable's dots to underscores and prependingnet_to it.ghost__network_cidr(optional, default: 172.21.0.0/29): CIDR range for the Podman network.ghost__network_gateway(optional, default: 172.21.0.1): Gateway IP address for the Podman network.
It is suggested that you don't expose the Ghost's port directly to the outside world but rather to use a reverse proxy such as Nginx to forward the appropriate traffic.
This allows for easier TLS setup and sharing of the HTTPS port among multiple applications.
The following would be a fairly common role usage example:
- host: my-blog.my-domain.com
roles:
- role: salessandri.ghost
vars:
ghost__host: my-blog.my-domain.com
ghost__base_dir: /var/my-blog
ghost__blog_name: Personal Blog
ghost__mysql_root_password: '{{ mysql_root_password_vault }}'
ghost__mysql_password: '{{ ghost_mysql_password_vault }}'
ghost__configs:
database__client: mysql
database__connection__host: 'ghost_db_{{ ghost__host | regex_replace("[\.\/]", "_") }}'
database__connection__user: '{{ ghost__mysql_user }}'
database__connection__password: '{{ ghost__mysql_password }}'
database__connection__database: '{{ ghost__mysql_database }}'
mail__from: '"My Blog Email" <blog@my-domain.com>'
mail__transport: 'SMTP'
mail__options__host: smtp.my-domain.com
mail__options__port: 465
mail__options__secureConnection: true
mail__options__auth__user: blog_mail_user
mail__options__auth__pass: '{{ blog_mail_password_vault }}'MIT
This role was created in 2020 by Santiago Alessandri.