Using ghost install correctly will set this up for you out-of-the-box. However, you seem to be doing something different to the guide, e.g., using Nginx Proxy Manager, which isn’t needed.
If you read the thread (from the post I referenced) you will understand that the first part of the thread was rolling back, so a clean installation could take place.
Ghost doesn’t install Nginx–it is a prerequisite–but it does configure the site an SSL for the given domain. Moreover, Nginx is a reverse proxy.
Ghost runs on the local host, e.g. 127.0.0.1:<some port> and Nginx is used to proxy this to http or https (recommended.) http is port 80 whereas http is on port 443; these ports are exposed to the Internet whereas the Ghost port is not.
You need to harden any server that is accessible to the Internet, more so with an application such as Ghost that can be set up as a bulk mailer. However, it looks like you are using a VM on your home network, so this should already be behind a firewall in your router; just make sure 80 and 443 are open and forwarded to the VM.
You are using MySQL, not MariaDB. This is an important distinction since Ghost only supports MySQL 8.0.
This is to be expected since you have a broken Nginx configuration.
If you haven’t already used Ghost, I think the best option is to start over. The thread I posted covers this for Ubuntu 20.04. The only difference is the OP wanted Ghost V4 whereas you can install V5 by omitting the 4.48.1,
To tidy up Nginx, remove the symbolic links to the Ghost site in /etc/nginx/sites-enabled and delete the borked configuration file in /etc/nginx/sites-available. Ignore or uninstall Nginx Proxy Manager since it is unnecessary.
You’ll almost certainly need to clear cookies in your web browser to prevent the unwanted redirects reoccurring.
Edit: I note your root domain is resolving fine. If you want to use Cloudflare instead of ACME (Let’s Encrypt etc.) then you’ll need to set up Cloudflare Origin Server certificates including a certificate request (CSR), and manually configure Nginx. If you’ve set up your root domain certificate with a wildcard, you may use this. Please reach out to me, and I can give you the Nginx configuration, since this is how I handle SSL.