Sign in Subscribe

Ghost on AWS Backup Strategy

Ghost on AWS Backup Strategy
Photo by NOAA / Unsplash

When it comes to backup and recovery, it's always best to figure out the strategy before you need it. AWS server instances are virtual servers on shared hardware and the disks can fail like anywhere else. My strategy is to take backups using the ghost CLI backup command after each new post is published and before I attempt any updates or enhancements. This is documented here on the Ghost website.

The Ghost backup creates a zip file on the server containing both the contents of all the posts and pages as well as the themes and customisations. I then manually copy the zip file to my client computer using scp.

scp -i C:\Users\Robin\.ssh\Ghost-Key-Pair.pem ubuntu@[ip address]:/var/www/ghost-blog/backup-from-v5.75.0-on-2023-12-20-08-59-42.zip c:\Users\Robin\AWS

When it comes to restoring the blog, it is prudent to plan for a total failure of the server. If you can recover from that then you should be able to recover from less serious glitches along the way!

So the restore strategy is basically a total rebuild of the server, reinstalling the prerequisite software, installing Ghost and then restoring the themes and content. The benefit of this approach is that the Linux software, the prerequisite software and the Ghost software will be fully up to date. Luckily the total rebuild of the server and the reinstalling of the prerequisite software is just a five minute task documented here in a previous post!

Now that we have a running instance, we can associate the same elastic IP address with the running instance as was used before. This is a public IP address. You can now connect to the instance using ssh.

ssh ubuntu@[ip address] -i c:\Users\Robin\.ssh\Ghost-Key-Pair.pem

Once the prerequisite software is installed, it is just a matter of installing Ghost itself. First though, Ghost requires that the root MySQL user has a password. Run these commands to give the root user a password:

# Enter mysql
sudo mysql
# Update permissions
ALTER USER 'root'@'localhost' IDENTIFIED WITH 'mysql_native_password' BY '<your-new-root-password>';
# Reread permissions
FLUSH PRIVILEGES;
# exit mysql
exit

Next install Ghost in exactly the same way you installed it beforehand. If you need more fine-grained control, the CLI has flags and options that allow you to break down and customise the install steps but you want the same installation as before to ensure that your backup will be compatible with the new installation. In order to setup SSL, you must have port 80 open even if this port is not open during production.

cd /var/www/ghost-blog
ghost install

Install questions

During install, the CLI will ask a number of questions to configure your site.

Blog URL

Enter the exact URL your publication will be available at and include the protocol for HTTP or HTTPS. For example, https://example.com. If you use HTTPS, Ghost-CLI will offer to set up SSL for you. Using IP addresses will cause errors.

MySQL hostname

This determines where your MySQL database can be accessed from. When MySQL is installed on the same server, use localhost (press Enter to use the default value). If MySQL is installed on another server, enter the name manually.

MySQL username / password

If you already have an existing MySQL database, enter the the username. Otherwise, enter root. Then supply the password for your user.

Ghost database name

Enter the name of your database. It will be automatically set up for you, unless you’re using a non-root MySQL user/pass. In that case the database must already exist and have the correct permissions.

If you provided your root MySQL user, Ghost-CLI can create a custom MySQL user that can only access/edit your new Ghost database and nothing else.

Sets NGINX up automatically enabling your site to be viewed by the outside world. Setting up NGINX manually is possible, but why would you choose a hard life?

If you used an https Blog URL and have already pointed your domain to the right place, Ghost-CLI can automatically set up SSL for you using Let’s Encrypt. Alternatively you do this later by running ghost setup ssl at any time.

SSL certification setup requires an email address so that you can be kept informed if there is any issue with your certificate, including during renewal.

systemd is the recommended process manager tool to keep Ghost running smoothly. We recommend choosing yes but it’s possible to set up your own process management.

Start Ghost?

Choosing yes runs Ghost, and makes your site work. This will be Ghost without any pages or posts exactly how it was when you first installed it.

Use scp to copy the last backup using your private key to access the server.

scp -i C:\Users\Robin\.ssh\Ghost-Key-Pair.pem c:\Users\Robin\AWS\backup-from-v5.75.0-on-2023-12-20-08-59-42.zip ubuntu@[ip address]:/var/www/ghost-blog

Next unzip the backup on the server. The zip application is automatically installed when the server is built as it is not present on the default ubuntu instance.

unzip backup* -d content
sudo chown -R ghost:ghost content
ghost restart

Import content

To begin the content migration, head to the Labs section of Ghost Admin and import the ghost.json backup which is part of the backup you unzipped above.

Upload routes and redirects

From the Labs page, import the routes.yaml and redirects.yaml files that are part of the backup you unzipped above.

Upload theme

Next, upload your theme in the Design settings page of Ghost Admin to get your site looking the same way it did before.

Reconnect Stripe

Skip this step if you’re not using Stripe for paid subscriptions.

To import paid members, Ghost needs to be connected to Stripe in Live mode before you import your members.

Make sure to connect Ghost to the same Stripe account you were using on your old installation - learn more about how to connect a Stripe account in this guide.

Import members

With Stripe connected, you can now import your members CSV file. You’ll receive an email notification when the import process has completed.

Restoration Complete

The Ghost System has now been restored on a new server instance. It would be prudent to check in detail that all the posts and pages are in place and that the theme design is identical to before.