Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Installing Ghost CMS High Availability using Cloud Apps

Written by
Improved by
Updated at March 26, 2026

Follow this guide to install and configure Ghost CMS High Availability, a content publishing and blogging platform. You will deploy Yandex Cloud Apps on a virtual machine with all required resources autoconfigured, including a database, a web server, and email service integration.

To install Ghost CMS High Availability:

  1. Get your cloud ready.
  2. Create a VPC network and subnets.
  3. Configure a DNS zone.
  4. Create a Yandex Lockbox secret.
  5. Install Ghost CMS High Availability.
  6. Configure Ghost CMS High Availability.
  7. Check the result.

If you no longer need the resources you created, delete them.

Get your cloud ready

Sign up for Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or create a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can create or select a folder for your infrastructure on the cloud page.

Learn more about clouds and folders here.

The cost of support for the new infrastructure includes:

Create a VPC network and subnets

Create a cloud network and subnets to deploy your resources in.

  1. In the management console, navigate to the folder where you want to deploy your infrastructure.

  2. Go to Virtual Private Cloud.

  3. In the top-right corner, click Create network.

  4. In the Name field, enter a name for the network. The naming requirements are as follows:

    • Length: between 3 and 63 characters.
    • It can only contain lowercase Latin letters, numbers, and hyphens.
    • It must start with a letter and cannot end with a hyphen.

  5. Keep Create subnets enabled.

  6. Click Create network.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder used by default is the one specified when creating the CLI profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id options.

  1. Create a cloud network in the default folder:

    yc vpc network create --name wordpress-network

  2. Get the list of the cloud networks in the folder:

    yc vpc network list --folder-id b1g6ci08ma55********

    Result:

    +----------------------+-------------------+
|          ID          |      NAME         |
+----------------------+-------------------+
| enpavfmgapum******** | wordpress-network |
| enplom7a98s1******** | default           |
+----------------------+-------------------+

  3. Select NAME or ID of the cloud network you need. Create a subnet in the ru-central1-a availability zone:

    yc vpc subnet create \
  --network-id enpavfmgapum******** \
  --zone ru-central1-a \
  --range 192.168.0.0/24

    Where:

    • --network-id: Cloud network ID. When creating a subnet, specify the cloud network for the subnet and CIDR.
    • --zone: Subnet availability zone.
    • --range: List of internal IPv4 addresses specified for this subnet, such as 10.0.0.0/22 or 192.168.0.0/16. Make sure the addresses are unique within the network. The minimum subnet size is /28, and the maximum subnet size is /16. Only IPv4 is supported.

    The subnet naming requirements are as follows:

    • Length: between 3 and 63 characters.
    • It can only contain lowercase Latin letters, numbers, and hyphens.
    • It must start with a letter and cannot end with a hyphen.

  4. Similarly, create a subnet in the ru-central1-d availability zone.

To create a cloud network, use the create REST API method for the Network resource or the NetworkService/Create gRPC API call and provide the ID of the folder to host the new network in the folderId parameter of your request:

To learn how to find out the folder ID, see Getting the folder ID.

To create subnets in the ru-central1-a and ru-central1-d availability zones, use the create REST API method for the Subnet resource or the SubnetService/Create gRPC API call, and provide the following in your request:

  • ID of the folder the subnet will reside in, in the folderId parameter.
  • ID of the network the subnet will be placed in, in the networkId parameter.
  • ID of the availability zone the subnet will be placed in, in the zoneId parameter.
  • List of internal IPv4 addresses specified for this subnet, in the v4CidrBlocks[] array, e.g., 10.0.0.0/22 or 192.168.0.0/16. Make sure the addresses are unique within the network. The minimum subnet size is /28, while the maximum subnet size is /16. Only IPv4 is supported.

To get the subnet ID, use the list REST API method for the Subnet resource or the SubnetService/List gRPC API call and provide the folder ID in the folderId request parameter.

Configure a DNS zone

Create a public DNS zone and delegate your domain to it. For more about delegating domains, see this guide.

  1. Go to Cloud DNS.

  2. Click Create zone.

  3. Specify the DNS zone settings:

    • Zone: Specify your registered domain with a trailing dot, e.g., example.com..
    • Type: Select Public.
    • Name: Enter a name for the zone, e.g., example-zone.

  4. Click Create.

  5. Delegate your domain to Yandex Cloud servers. Do it by specifying the addresses of the ns1.yandexcloud.net and ns2.yandexcloud.net DNS servers in your domain registrar's account.

    Delegation does not take effect immediately. It usually takes up to 24 hours for internet service providers to update records. You can check domain delegation using Whois or the dig utility:

    dig +short NS example.com

    Result:

    ns2.yandexcloud.net.
ns1.yandexcloud.net.

  1. Create a public DNS zone:

    yc dns zone create \
  --name example-zone \
  --zone example.com. \
  --public-visibility

    Where --zone is your domain name, e.g., example.com.. The --zone parameter value must end with a trailing dot.

    Result:

    id: dns39gihj0ef********
folder_id: b1g681qpemb4********
created_at: "2024-09-09T15:23:34.919887Z"
name: example-zone
zone: example.com.
public_visibility: {}

    For more information about the yc dns zone create command, see the CLI reference.

  2. Delegate your domain to Yandex Cloud servers. Do it by specifying the addresses of the ns1.yandexcloud.net and ns2.yandexcloud.net DNS servers in your domain registrar's account.

    Delegation does not take effect immediately. Internet provider servers update records within 24 hours.

To create a public DNS zone, use the create REST API method for the DnsZone resource or the DnsZoneService/Create gRPC API call.

Delegate your domain to Yandex Cloud servers. Do it by specifying the addresses of the ns1.yandexcloud.net and ns2.yandexcloud.net DNS servers in your domain registrar's account.

Create a Yandex Lockbox secret

Create a Yandex Lockbox secret to store the Managed Service for MySQL® database password.

  1. Go to Lockbox.

  2. Click Create secret.

  3. In the Name field, specify the secret name: db-password-secret.

  4. In the Secret type field, select Custom.

  5. In the Key field, enter db_password.

  6. In the Value field, set a password for the Managed Service for MySQL® database. Password requirements:

    • It must be from 8 to 128 characters long.
    • It must contain numbers, upper-case and lower-case Latin letters, and special characters.
    • It cannot consist only of digits.

  7. Click Create.

Run this command:

yc lockbox secret create \
  --name db-password-secret \
  --payload "[{'key': 'db_password', 'text_value': '<password>'}]"

Where text_value is the Managed Service for MySQL® database password. Password requirements:

  • It must be from 8 to 128 characters long.
  • It must contain numbers, upper-case and lower-case Latin letters, and special characters.
  • It cannot consist only of digits.

Result:

id: e6q0rdjdggjp********
folder_id: b1g681qpemb4********
created_at: "2025-07-12T18:23:49.844Z"
name: db-password-secret
status: ACTIVE
current_version:
  id: e6qbp772i014********
  secret_id: e6q0rdjdggjp********
  created_at: "2025-07-12T18:23:49.844Z"
  status: ACTIVE
  payload_entry_keys:
    - db_password

To create a secret, use the create REST API method for the Secret resource or the SecretService/Create gRPC API call.

Specify db_password in the key parameter for the key to contain the Managed Service for MySQL® database password. Password requirements:

  • It must be from 8 to 128 characters long.
  • It must contain numbers, upper-case and lower-case Latin letters, and special characters.
  • It cannot consist only of digits.

Install Ghost CMS High Availability

Install Ghost CMS High Availability using Cloud Apps.

  1. Go to Cloud Apps.

  2. Click Choose application.

  3. In the window that opens, select Ghost CMS High Availability.

  4. Configure your application:

    Parameter

    Required

    Default value

    Description

    Name

    Yes

    Application instance name.

    Description

    Application instance description.

    Service account

    Yes

    Service account you are going to use to install the app. The service account must have the admin role for the folder.
    To create a service account with the required permissions during app installation, select Auto.

    DNS zone ID

    Yes

    ID of the DNS zone to host the application's domain.

    Site subdomain

    Empty

    Domain for access to the main website, formed by adding a subdomain to the DNS zone domain, i.e., site.example.com or example.com if no subdomain is specified.

    Administrator dashboard subdomain

    admin

    Domain for access to the admin panel, formed by adding a subdomain to the DNS zone domain, e.g., admin.example.com/ghost.

    Sender

    noreply@<website_domain>

    Email sender. Used to set up SMTP via Yandex Cloud Postbox.

    Subnet in ru-central1-a

    Yes

    Subnet in the ru-central1-a availability zone for the Managed Service for MySQL® cluster, created previosly.

    Subnet in ru-central1-d

    Yes

    Subnet in the ru-central1-d availability zone for the Managed Service for MySQL® cluster, created previosly.

    VPC subnet for the VM

    Subnet in the ru-central1-d availability zone.

    Subnet to host the new VM.

    Number of vCPUs

    2

    Number of vCPUs.

    RAM

    2

    RAM in GB.

    Guaranteed vCPU share

    100

    Guaranteed vCPU share in %. The available values are 20%, 50%, or 100%.

    Public SSH key

    The key will be added to authorized_keys of the ghost VM user.
    We recommend specifying a public SSH key to access the VM over SSH. You need to create a key pair for the SSH connection on your own. To learn how, see Connecting to a VM over SSH.

    Disk type

    network-ssd

    VM disk type.

    Disk size

    20

    VM disk size in GB.

    ID of the secret containing the database password

    Yes

    Secret containing the password to connect to a Managed Service for MySQL® cluster. This password should be specified in the db_password key.

    Managed Service for MySQL® cluster disk size

    20

    Managed Service for MySQL® cluster disk size in GB.

  5. Click Install.

    Installing the app and creating all required resources will take from five to ten minutes.

    As soon as all resources are created, the VM will start configuring the website and issuing TLS certificates. Wait for the installation to complete.

Configure Ghost CMS High Availability

Once the app is successfully installed, configure Ghost CMS High Availability:

  1. In your browser, open the admin panel using its address:

    https://<admin_panel_subdomain>.<domain>/ghost

    Where:

    • <admin_panel_subdomain>: Admin panel subdomain you specified when creating the application. The default value is admin.
    • <your_domain>: Domain you specified when creating the DNS zone.

    For example: https://admin.example.com/ghost.

  2. Fill out the admin registration form:

    • Site title: Enter a name for the website.
    • Full name: Enter a name to publish posts under.
    • Email address: Specify the email address for logging in to the admin panel. You will get a notification at this address.
    • Password: Create a secure password for logging in to the admin panel.

  3. Click Create account & start publishing.

    After you register, the page will redirect you to the Ghost CMS High Availability admin panel where you can start using the website.

Check the result

Make sure that Ghost CMS High Availability is up and running:

  1. Create a test post:

    1. In the admin panel interface, click next to the Posts tab.
    2. Provide the post title and content.
    3. Upload an image to the post. It will be automatically saved in the S3 bucket.
    4. At the top right, click PublishContinue, final reviewPublish post, right now.
    5. In the window that opens, copy the post link by clicking Copy link.

  2. Open the link in your browser.

    You should see a post with a URL in this format:https://example.com/new-post/.

How to delete the resources you created

Warning

Do not manually delete automatically created resources: this may cause an error when uninstalling the app.

To shut down the resources you created and stop paying for them:

  1. Delete all objects from the Object Storage bucket you created when installing the app.

  2. Delete the installed Ghost CMS High Availability app:

    1. Go to Cloud Apps.

    2. Locate the installed Ghost CMS High Availability app in the list.

    3. Click next to the app and select Delete.

    4. Confirm the app deletion.

      Wait for the deletion to complete.

  3. Delete the public DNS zone.

  4. Delete the Yandex Lockbox secret.

  5. Delete the VPC network and subnets.

  6. Delete the Yandex Cloud Postbox address and the associated DNS record because they will not be deleted after you delete the application.

Previous
Creating a WordPress website using Cloud Apps
Next
Audit Trails events