Ryan McGovern saves the day.

So back in my first post on Ghost I said how much I loved running Ghost as a blogging platform. I still do, but it has its downsides.

But...Ryan McGovern saved my bacon.

Here's what happened. After the New Year 🎉 I thought I would write an obligatory Year in Review post. I think it's required.

I tried to log into my Ghost backend to begin writing and found that my SSL cert had expired. Not good.

That's an easy fix, Ghost has a CLI with a command called ghost doctor that'll tell me what's wrong so I ssh into my server and run the command.

Ghost Doctor declares nothing is wrong. I need to find a different doctor.

Sage Advice

You know how they say not to follow instructions you found on the Internet. Well, I should have heeded the warnings.

First recommendation was to backup your Ghost installation. Seems like a good idea, so I ran:

cd /var/www
sudo mv ghost ghost_backup
sudo cp ghost_backup ghost

Nothing wild and crazy here 🤞. Now, I can start messing with ghost with no worries.

The next step was to remove the SSL files and rerun ghost setup ssl. Everything makes sense, the world is good.

An ssl certificate already exists.

Hmm...Maybe I need to stop nginx beforehand.

sudo systemctl stop nginx
ghost setup ssl
// no dice
touch ghost  //oops
../
ls ghost

This is when I checked my server, and I'm not getting an expired cert anymore 🎉.

I'm getting a 502 Bad Gateway. Let's check ghost doctor. That's not working either. FML.

Network Matters

Here's where having a network matters. I'm part of the Learn Build Teach Discord Server. I mentioned that I was trying to figure this out as I was doing it.

Ryan offered to help and we jumped on a call to see how far down the Rabbit Hole I had gone.

Overview at Odessa — Photo by Charles DeLoye / Unsplash

According to Unsplash, this is bacon.

Did you spot the first error? I didn't. Obviously. Otherwise we wouldn't be at this point.

Problem Solving 101

First thing Ryan did was start his own Vanilla install of Ghost while we were chatting. Seems obvious. I didn't think of it.

He was able to use the Vanilla install to compare against while I was streaming my version.

Let's tackle the first problem.

cd /var/www
ll

// Yielded something like
drwxr-xr-x  7 root      root      4096 Jan  2 21:30 ./
drwxr-xr-x 14 root      root      4096 Jun  8 2020 ../
drwxr-xr-x  5 root      root      4096 Jan  2 21:30 ghost/
drwxr-xr-x  5 ghost-mgr ghost-mgr 4096 Jan  2 11:54 ghost_backup/

You see when I backed up, the permissions changed on my Ghost directory. They should have been to ghost-mgr but were stuck with root. This meant that ghost wasn't able to run. 🤦‍♂️

So we changed the permissions back to ghost-mgr and we were able to run Ghost Doctor again. We're back to the broken cert.

Inspecting that directory found more files than there were supposed to be in there. After deleting those and restarting Ghost we're back up and running.

I can't thank Ryan enough, I was on the verge of scrapping my Ghost site all together.

Preventing this in the future

After we solved the problem, we were talking about steps to prevent this in the future. Ryan mentioned that Digital Ocean offered backups starting a $1/mo. So we popped on over there to turn them on.

They were already on...mistakes were made.