Since you haven’t named the files, I can’t be precise. However, you need to delete the symbolic link for the HTTP config in /etc/nginx/sites-enabled. The file can still be found in /etc/nginx/sites-available if needed later.
Once you’ve done this, do sudo systemctl reload nginx, edit the site URL in you production.config.json to HTTPS, and restart ghost.
Thanks for your continuing help. I went a little farther and did a reinstall with https on. I can delete the items in the sites-available folder and they come back just fine.
The new issue appears to be a database error.
Ghost was able to start, but errored during boot with: Access denied for user ‘ghost-793’@‘localhost’ (using password: YES)
I’m thinking maybe a uninstall and then reinstall?
I ended up uninstalling and reinstalling to get rid of the MySQL error. Everything looks great (meaning that there are no obvious errors), but the site still doesn’t work. I took a look at the config and I’m not sure specifically what I’m looking for, but again it looks in order. Let me know if you have any other hints.
I do use UFW and I did add https to the rules, but there was no change.
As of this morning the Nginx status is listed as failed. So that happened during my evening. I can’t get it running manually (start, restart, reload, etc). My normal steps here would be restart and then reinstall. I might be muddying the water quite a bit at this point.
This morning I started reading the errors. Apparently, a path to a certificate isn’t correct. If I’m reading this correctly it’s looking in the /etc/letsencrypt/fourankles.com folder for a fullchain.cer. There is a fourankles.com_ecc file. Could this be the issue? Or am I reading this incorrectly?
I used ghost uninstall and reinstalled and ran setup again. It couldn’t find the nginx installation. I assumed there must be remnants of previous installations and errors, so I thought instead of chasing problems I’d reset the server (thumbs up to a vps box).
I just finished the reinstall a few minutes ago. My new error is:
Message: Ghost was able to start, but errored during boot with: Access denied for user ‘root’@‘localhost’
Help: Unknown database error
Suggestion: journalctl -u ghost_fourankles-com -n 50
So I checked the journal and there are no entries.
During the install I picked root as the mysql user per the instructions.
I want to apologize for jumping ahead, but the game of “whack-a-mole” was frustrating to chase down, so I thought this was the best approach.
I would like to think I did, but at this point I’m second guessing myself at every step.
I ran setup again and get the same DB error. I’ll dig in the forum to see if I can find something along the lines about that error.
There’s no no native password set for the root MySQL account.
Try this …
# Set root password
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
# This is good practice
# Test that you can login
sudo mysql -u root -p
Ideally, you should create another database user for Ghost that only has privileges for the one Ghost database.
Thank for the additional info Martin. I think I’m going to restart the VPS for fresh and use your alter user command during the setup. I do notice that everytime I run setup that I see there is another user created. The format is ghost-1234. It’s a different number each time.
Okay. Clean VPS and fresh install. The only difference was that I added Martin’s extra work of putting in a password for the mysql root account and making it a secure installation.
At the end of the install the note is that it couldn’t restart Nginx. However, I checked systemctl and it running and doctor shows no errors.
So I then restarted ghost, but no luck.
Next I stop nginx (systemctl stop nginx) and then try to restart (systemctl start nginx) and it fails.
I check the journalctl and it looks like it can’t load the certificate!
Not sure what’s happening this time, but it felt closer. Let me know if you have any ideas.
The Let’s Encrypt service limits requests for the same certificate to 5 time a week. If you’ve reached this limit, you can’t get another certificate (unless you request the same certificate alongside a new subdomain, for example.)
Some time ago, I decided not to use Let’s Encrypt, and handle SSL with a free Cloudflare account. To achieve this, you’ll need to use Cloudflare nameservers, and then generate SSL certificates in their dash for authenticated pulls. Cloudflare will then sort the public certificates, and renew them automatically.
Sorry this step has taken me a few days. I finally had the time to sit down and work on this. I’ve made an account at cloudflare, and repointed the DNS servers. I’m at the waiting interval. I’ll work on this tomorrow, but should I start over from the beginning again. Or just restart ghost setup?