I forgot the password to the site I setup long ago, this is self-hosted. I don’t recall setting up email, so I skipped the normal methods and went right for writing to the db directly. For some reason I have yet to determine, even writing to the db directly does not work, that is I am still unable to login.
As my normal linux user I logged into mysql using the user/pass that ghost uses, I copied it right from the config file. No issues there.
mysql -u ghostusr -p
Then I selected the db, and queried the users table to double check that I had the right email. Then I issued
UPDATE users SET password='$2y$10$oR1hPXrohuS8PyIFDwWSTO2EOH.rH7nhes7Bpufd3x4Fm1JKSIo1y' WHERE email = '022-449@example.com'
I used the right email, I’ve redacted it here. I generated the bcrypt hash using the following
htpasswd -bnBC 10 "" password | tr -d ':\n'
When I open the site in my Firefox browser and visit https://site/ghost/ I see in the Ngnix logs
==> /var/log/nginx/access.log <==
10.0.20.5 - - [16/Jan/2025:13:10:58 -0500] "GET /ghost/ HTTP/1.1" 200 1841 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:58 -0500] "GET /ghost/assets/vendor-0ede59da8efb5e28fa929557f7ff7154.css HTTP/1.1" 499 0 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:58 -0500] "GET /ghost/assets/videos/logo-loader-d91f93ba1dbf0f52a22815b5a571bd31.mp4 HTTP/1.1" 499 0 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:58 -0500] "GET /ghost/assets/img/apple-touch-icon-74680e326a7e87b159d366c7d4fb3d4b.png HTTP/1.1" 499 0 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:58 -0500] "GET /ghost/assets/img/favicon-a9c6dbdcdc3ae568f4e0dad92149a0e3.ico HTTP/1.1" 499 0 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:58 -0500] "GET /ghost/api/admin/users/me/?include=roles HTTP/1.1" 400 303 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:58 -0500] "GET /ghost/api/admin/site/ HTTP/1.1" 200 301 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:59 -0500] "GET /ghost/api/admin/users/me/?include=roles HTTP/1.1" 400 303 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:59 -0500] "GET /ghost/api/admin/site/ HTTP/1.1" 200 301 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:10:59 -0500] "GET /ghost/api/admin/authentication/setup/ HTTP/1.1" 200 27 "-" "-"
I then enter username and password into FIrefox and see the following in Nginx access log, nothing shows up in the error log. In the browser I’m returned to the page like nothing happened.
10.0.20.5 - - [16/Jan/2025:13:12:25 -0500] "POST /ghost/api/admin/session HTTP/1.1" 201 7 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:25 -0500] "GET /ghost/api/admin/users/me/?include=roles HTTP/1.1" 400 303 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:25 -0500] "DELETE /ghost/api/admin/session HTTP/1.1" 204 0 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:25 -0500] "GET /ghost/api/admin/config/ HTTP/1.1" 499 0 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:26 -0500] "GET /ghost/ HTTP/1.1" 200 1841 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:26 -0500] "GET /ghost/api/admin/users/me/?include=roles HTTP/1.1" 400 303 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:26 -0500] "GET /ghost/api/admin/site/ HTTP/1.1" 200 301 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:26 -0500] "GET /ghost/api/admin/users/me/?include=roles HTTP/1.1" 400 303 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:26 -0500] "GET /ghost/api/admin/site/ HTTP/1.1" 200 301 "-" "-"
10.0.20.5 - - [16/Jan/2025:13:12:26 -0500] "GET /ghost/api/admin/authentication/setup/ HTTP/1.1" 200 27 "-" "-"
$ ghost doctor
Love open source? We’re hiring JavaScript Engineers to work on Ghost full-time.
https://careers.ghost.org
✔ Checking system Node.js version - found v18.17.1
✔ Checking logged in user
✔ Ensuring user is not logged in as ghost user
✔ Checking if logged in user is directory owner
✔ Checking current folder permissions
✔ Checking system compatibility
✔ Checking for a MySQL installation
+ sudo systemctl is-active ghost_packetinspection-net
Instance is currently running
ℹ Validating config [skipped]
✔ Checking folder permissions
✔ Checking file permissions
✔ Checking content folder ownership
✔ Checking memory availability
✔ Checking binary dependencies
✔ Checking free space
✔ Checking systemd unit file
✔ Checking systemd node version - found v18.17.1
I am lost as to why this isn’t working. From a network perspective I have a “complicated” setup, as in reverse proxy which terminates the SSL, but otherwise I think it is a typical site. Is there a way for me to get more logs/debug info from ghost proper? It appears nginx, etc. is working as it should.