Fresh install issues on a fresh VPS... Debian stable (stretch)


#1

I’ve hosted Ghost in the past - albeit a couple of years ago. A new command-line install - woohoo, great - at last.
I’ve run into the following issues/questions:

  1. the install barfs with the default mysql-server in Debian stable because that is MariaDB and has the socket-uid authentication turned on. Solution: set up your ghost-db and user before you run ghost install
  2. letsencrypt ACME implementation is not as distro recommeds - better to skip this and use certbot from stretch-backports afterwards -> note that flipping to HTTPS only will cause renew problems, but that is a certbot-nginx-config issue…
  3. installing a second ghost-blog - works ok, up to the end - then something silently failed. There is an ENTER PASSWORD dialogue - which password does it want? I entered my UID password assuming that it assumes all sudo is with password - silently fails. Website is up and running, but no images and ownership is still my normal UID account.

My questions are:

  1. what ownership / permissions does ghost want on /var/www/ghost and children?
  2. how do I resume the stalled install…

#2

hmmm - as there are no image files… I assumed a copy fail - am I running into a security issue with same-origin -headers?


#3

Yes - looks like this is the issue - newer browsers like Chrome and Edge respect the Content-Security-Policy default_src ‘self’ header, so the install images are not visible… older browsers display the site fine…


#4

and permissions - from checking on another install -

looks like the var/www/XXX and children should be owned by a non-root normal user (not ghost), but that the var/www/XXX/content and all children should be owned by ghost.ghost.

not sure why the XXX/system/nginx-root/ was not created :? maybe the install worked.


#5

It seems so, and that you are doing well. Some of the things you mention can also happen on Ubuntu 16.04 (part of the recommended and supported stack).

I also used Debian years ago (not for Ghost), because of rock solid stability, etc. However, Ubuntu 16.04 LTS (based on Debian 9 Stretch) is pretty stable as well, and gives less issues because it’s constantly tested and used with Ghost. Anyway, apart from some issues, the unsupported Debian installation seems pretty similar to the supported Ubuntu installation.


#6

I’ve also discovered that Ghost and Content-Security-Policy don’t play nicely :frowning:


#7

CSP is discussed in issue #7206. It seems that pull requests are welcome, but after some unfinished attempts no one has contributed a good proposal for Ghost’s specific characteristics yet.


#8

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.