Instructions for installing Ghost on an Orange Pi 5

This step by step tutorial will help you get your own instance of the Ghost blogging system running on an Orange Pi. All of this is made possible without port forwarding using Cloudflare Tunneling.

Instructions for installing Ghost on an Orange Pi 5
This image was created using Bing's AI image creator.

This tutorial is an amalgamation of instructions found at, other sources online, a lot of trial and error, tons of hours, but eventually this is what worked for me.

  1. Install the Orange Pi Ubuntu server release from I'm using Orange Pi 1.2.0 Jammy server. Username and password are orangepi by default. After burning the image to a microSD using Balena Etcher, boot off the card, find the ip address in the router, and then log in with Termius (that's the program I'm most familiar with). Do the following to install to the NVME drive, remove the card, and off you go!
sudo orangepi-config
Then choose System->Install->Boot from SPI and install the new updated boot loader to the SPI flash.
  1. Change the IP address to static using the orangepi-config command.
sudo orangepi-config

Select Network, then IP, then static, and then configure to a static IP of your choosing.

  1. Install and set up a Cloudflare Tunnel on your Orange Pi. I recommend watching this tutorial:

Then, point your domain to the IP address of your Orange Pi.

  1. Install MySQL by following steps 3-5 from
sudo apt install mysql-server
sudo service mysql status
sudo cat /etc/mysql/debian.cnf
  1. Configure MySQL (ghost_database can be named anything). Take note of the user and password from the last step, you'll need it next
CREATE DATABASE ghost_database;
USE database_name;
GRANT ALL PRIVILEGES ON ghost_database.* TO 'PUT USERNAME HERE'@'localhost';
flush privileges;
  1. Install NGINX
sudo apt-get install nginx
  1. Download and import the Nodesource GPG key
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg

echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg]$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list

sudo apt-get update
sudo apt-get install nodejs -y
  1. Install Ghost-CLI per
sudo npm install ghost-cli@latest -g
  1. Install Ghost per Install Ghost-CLI per
# Create directory: Change `sitename` to whatever you like
sudo mkdir -p /var/www/sitename

# Set directory owner: Replace <user> with the name of your user
sudo chown <user>:<user> /var/www/sitename

# Set the correct permissions
sudo chmod 775 /var/www/sitename

# Then navigate into it
cd /var/www/sitename
  1. Run the install process per
ghost install
  1. Enter the URL.
  2. Keep MySQL hostname as localhost.
  3. MySQL username / password / Ghost database name should be the same as created in #4 above.
  4. Set up NGINX? No, we'll do this manually.
  5. Set up SSL? No, because Cloudflare does that for us.
  6. Set up systemd? Yes
  7. Start Ghost? Yes
  8. Configure NGINX Manually per (this might not be exact, I had to mess around a bit to figure it out, but I think this will work)
cd /etc/nginx/
cd sites-available
sudo rm default
sudo touch ghost
cd ..
cd sites-enabled
sudo rm default
  1. Edit NGINX per by using
sudo nano /etc/nginx/sites-available/ghost
  1. Paste the following and exit save:
server {
    access_log /var/log/nginx/ghost.log;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_redirect off;
  1. Create a symbolic link to activate the configuration.
sudo ln -s /etc/nginx/sites-available/ghost /etc/nginx/sites-enabled/ghost
  1. Increase upload size for NGINX by editing /etc/nginx/nginx.conf
sudo nano /etc/nginx/nginx.conf

then add the following line under http. More info here:

client_max_body_size 1000m;
  1. Restart NGINX
sudo systemctl restart nginx
  1. Install vsftpd per
sudo apt install vsftpd
  1. Edit /etc/vsftpd.conf to enable writes (delete the # before write_enable).
  1. Allow root access by editing /etc/ftpusers then remove root from the list.
  2. Enable root user by creating a password per You'll log into FTP as root then th password that you'll create.
sudo passwd root
  1. Restart vsftpd
systemctl restart vsftpd
  1. Reboot / Backup / Whatever