Trials and Tribulations with Technology

Create a Lightsail instance for Ghost

AWS Lightsail is the best bang for your buck in self-hosting, a lot of transfer costs are already included, as are compute, storage, DNS, firewall, etc. This makes it super simple to setup and manage your instances - no bouncing around between various AWS services (EC2, ELB, EBS) getting everything to play nicely together, and then paying piecemeal for each service.

There is a pre-existing Ghost template from Bitnami, but I'm not using it because it only supports a single Ghost blog per Lightsail instance. Instead, I'm installing Ghost using Docker so I can host multiple Ghost blogs from a single Lightsail instance.

I'm using Amazon Linux 2 (AL2) instead of Ubuntu because I fell for AWS's marketing that AL2 is optimized for Lightsail/EC2. That does mean there will be different setup steps than if I was using Ubuntu.

Create an AWS Lightsail instance

  • Log into the AWS Console, select the Lightsail service.
  • Click Create Instance to start.
  • Select a platform: Linux/Unix
  • Select a blueprint: OS Only, Amazon Linux 2
  • Check the box: [X] Enable Automatic Snapshots
  • Choose your instance plan: $5/mo (It has the required 1Gb RAM minimum for Ghost)
  • Identify the instance: My_Blog
  • Click Create Instance to finish.

Add a static IP address

I need the static IP address to connect to the instance.

  • Click the Networking tab.
  • Click Create static IP
  • Select the My_Blog instance.
  • Identify the static IP: My_Blog_staticIP
  • Click Create to finish.

Enable HTTPS

I don't need it yet, but I might was as well enable it now so I don't forget it later.

  • Click the Instances tab.
  • Select the My_blog instance.
  • Click the Networking tab.
  • Click + Add Rule under Firewall
  • Select HTTPS, click Create

Log into the instance

There's a few ways to do this...

Via the browser

  • Click the Instances tab.
  • Select the My_Blog instance.
  • Click the Connect tab.
  • Click the Connect using SSH button.


Use the Public IP and User name values to connect via SSH client/terminal session. Download the default private SSH key from my Lightsail account page:

  • Go to:
  • Click the SSH Keys tab.
  • Click the Download link for the Default key and save it in my SSH directory: ~/.ssh/LightsailDefaultKey-us-west-2.pem
  • Fix the permissions on the key: chmod 600 ~/.ssh/LightsailDefaultKey-us-west-2.pem

SSH now works, verbosely: ssh -i ~/.ssh/LightsailDefaultKey-us-west-2.pem ec2-user@

NOTE: The username ( ec2-user ) and static IP address ( ) are shown in the Connect tab of the Lightsail instance.

To make SSH easier, I added an entry to my ~/.ssh/config:

Host my_blog
  User ec2-user
  IdentityFile ~/.ssh/LightsailDefaultKey-us-west-2.pem

Now I can SSH to my instance with: ssh my_blog

Perform some maintenance

It's a new Lightsail instance, but there will already be some package updates to apply.

  • Log into your instance: ssh my_blog
  • Update all the packages: sudo yum update