Ghost 0.5.x from Source to Azure Web Sites–Part 4

This is a bonus post continuing the 3-part series on setting up the Ghost 0.5.x working from source code on Azure Windows Azure Websites.

Part 1: Setup
Part 2: Customize the Deployment
Part 3: Customize Themes

Now we are rocking an awesome NodeJS blog, complete with a custom theme, all being deployed from two different repositories.

Let’s take it up a notch and secure our blog with HTTPS for our custom domain, shall we?

Isn’t this documented elsewhere?

Sort of. You can read about getting your SSL certificate and configuring SSL for your Azure website, but things got a bit tricky when I started to configure Ghost to handle SSL. Sure, they’ve documented it too, but with Azure Websites it’s actually easier than all of this.

Let’s Do It!

Awesome! But before we get started, there are a few considerations you should know about before making the leap into SSL territory.

Consider This…

• SSL on Azure Websites adds cost for Basic sites, but is included in Standard sites if you’re using a custom domain. Learn about that here.
• If you’re using the *.azurewebsites.net domain, then HTTPS is already included and setup. You just need to configure your application!
• Changing SSL options in a production environment can take it down for a bit. If you need to worry about that, then check out the staged deployment options you can leverage in Window Azure.

Here we go!

1. Get an SSL certificate, just like they say in the Azure documentation. Personally, I used DigiCert as my certification provider and OpenSSL to generate all the pieces I needed.

2. Add the web.config as written in the Enforce HTTPS on Your Azure website section.

3. In your config.json file for your Ghost site, add the `urlSSL: `https://yoursitedomain.com`

4. DO NOT add the `forceAdminSSL` configuration option as mentioned in the Configuring Ghost or the How To Setup SSL for Self-Hosted Ghost.

   If you do, your site will work but it will no longer let you login as it will cause a redirect loop because Azure is redirecting you with the web.config and Ghost is redirecting afterwards resulting in the inability to login.

5. Lastly, update any references you have to external resources (e.g. CDNs) to use HTTPS rather than HTTP.

6. Publish and you’re done.

The Point

At this point, you have a cloud-hosted, NodeJS blog, that is open source, with a custom deployment that pulls a custom theme from source on deploy and is secured with an SSL certificate.

This is awesome, but probably overkill for some people.

My blog at https://www.davidwesst.com is just a personal blog. This is definitely overkill for such a small site, but the whole point was to figure out if I could get it going with all the bells and whistles for a high-end production site. And I did, and now so have you.

Comments

• Anonymous
  December 21, 2014
  So what's the deal with data persistence here? I looked at Hanselman's post and it seems like the configuration is just pointing to a local directory for the database. Won't this disappear should azure decide to move my site to another host?

• Anonymous
  December 22, 2014
  Great question! By default Ghost uses a SQLite file (.db) file as your database. If your Ghost instance gets redeployed onto another server, what you suggesting is possible. A couple of solutions:

1. You can also use a MySQL database to separate the database from the file structure.
2. You can have regular scheduled backups of your website that do a backup of the files to Azure storage (Reference: azure.microsoft.com/.../web-sites-backup) I use option two, just because I find it easier and I need it to backup my assets (e.g. images, etc...) too. With Ghost getting ready to launch "Apps" soon, I am hoping that we'll be able to have more flexibility about where data is stored rather than just through a backup process. Hope that helps clear things up!