Host a Blog with Ghost and Cloudflare
Setting up Ghost with a Cloudflare Tunnel is a brilliant "Modern Maker" move. It allows you to host your blog securely from a home server without opening any ports on your router, keeping your home network safe from outside scans.
The Workflow: Ghost + Cloudflare Tunnel
1. Create the Cloudflare Tunnel
First, you need to set up the "bridge" on the Cloudflare side.
- Log in to the Cloudflare Zero Trust Dashboard.
- Go to Networks > Tunnels and click Create a Tunnel.
- Choose Cloudflared as the connector and give it a name (e.g., HS-Labs).
- Copy the Tunnel Token provided in the "Install and run a connector" section. You will need this for your docker-compose.yml file.
2. Configure the Public Hostname
In the Tunnel settings on Cloudflare:
- Public Hostname: yourdomain.com (or blog.yourdomain.com).
- Service Type: HTTP
- URL: ghost:2368 (This points to the internal Docker network name, not your local IP).
3. The DIY Docker Setup
Create a folder for your project (e.g., ~/hs-lab) and create a docker-compose.yml file. This setup includes Ghost, a MySQL database, and the Cloudflared connector.
YAML
version: '3.8'
services:
  ghost:
    image: ghost:5-alpine
    restart: always
    # No "ports:" section: Ghost is reachable only over the Compose network
    environment:
      # CRITICAL: Change this to your actual public URL
      - url=https://yourdomain.com
      - database__client=mysql
      - database__connection__host=db
      - database__connection__user=root
      # Must match MYSQL_ROOT_PASSWORD on the db service
      - database__connection__password=your_secure_password
      - database__connection__database=ghost
    depends_on:
      - db
      - tunnel
    volumes:
      # Themes, images and other Ghost content persist on the host
      - ./content:/var/lib/ghost/content
  db:
    image: mysql:8.0
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=your_secure_password
    volumes:
      # MySQL data files persist on the host
      - ./db:/var/lib/mysql
  tunnel:
    image: cloudflare/cloudflared:latest
    restart: always
    command: tunnel run
    environment:
      # Paste your Tunnel Token here
      - TUNNEL_TOKEN=your_cloudflare_tunnel_token_here
4. Fire It Up
From your terminal, navigate to your folder and run:
Bash
docker-compose up -d
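The "no open ports" property only holds while no service in the file publishes a host port, so it is worth checking mechanically. The script below is an added example, not part of the original guide: it audits the JSON printed by `docker compose config --no-interpolate --format json` (assumes Docker Compose v2) for published ports, floating image tags, a root database login and secrets written inline. The function names and the sample input are constructed for illustration.

```python
import json

# Constructed sample: the shape of the resolved config for the stack above,
# plus one stray port mapping on ghost so the audit has something to report.
SAMPLE = json.dumps({"services": {
    "ghost": {"image": "ghost:5-alpine",
              "environment": {"url": "https://yourdomain.com",
                              "database__connection__user": "root",
                              "database__connection__password": "your_secure_password"},
              "ports": [{"target": 2368, "published": "2368", "protocol": "tcp"}]},
    "db": {"image": "mysql:8.0",
           "environment": {"MYSQL_ROOT_PASSWORD": "your_secure_password"}},
    "tunnel": {"image": "cloudflare/cloudflared:latest",
               "environment": {"TUNNEL_TOKEN": "your_cloudflare_tunnel_token_here"}},
}})

SECRET_HINTS = ("password", "token", "secret")


def env_items(env):
    """Normalise Compose environment (mapping or list of 'KEY=value') to pairs."""
    if isinstance(env, dict):
        return [(k, "" if v is None else str(v)) for k, v in env.items()]
    return [tuple(e.split("=", 1)) if "=" in e else (e, "") for e in env or []]


def audit(config_json):
    """Return (service, finding) tuples for a Compose config given as JSON."""
    findings = []
    for name, svc in json.loads(config_json).get("services", {}).items():
        # A published port exposes the service on the host, bypassing the tunnel.
        for port in svc.get("ports", []):
            shown = port.get("published", "ephemeral") if isinstance(port, dict) else port
            findings.append((name, f"publishes host port {shown}"))
        image = svc.get("image", "")
        if ":" not in image.rsplit("/", 1)[-1] or image.endswith(":latest"):
            findings.append((name, f"floating image tag: {image}"))
        for key, value in env_items(svc.get("environment")):
            if key.lower().endswith("__user") and value == "root":
                findings.append((name, "application connects to the database as root"))
            # "${VAR}" references (kept by --no-interpolate) are not inline secrets.
            if value and not value.startswith("${") and any(h in key.lower() for h in SECRET_HINTS):
                findings.append((name, f"secret {key} stored inline in the Compose file"))
    return findings


if __name__ == "__main__":
    for service, finding in audit(SAMPLE):
        print(f"{service}: {finding}")
```
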
Why this?
- Tactile Control: You own the data in the ./content and ./db folders. You can back them up or move them to a new machine seamlessly.
- Minimalist Security: No port forwarding (Port 80/443) is required. Your home network remains invisible to the public internet.
- Precision: By using the ghost:5-alpine image, we keep the build lightweight and efficient.
For a visual step-by-step on setting this up within a server environment, check out this Ghost Installation and Cloudflare Tunnel Setup guide. This video walkthrough covers the transition from local server setup to exposing the site via Cloudflare.