Ghost on AWS

We recently completed a migration from a Next.js blog to Ghost CMS, but instead of using Ghost's managed hosting, we built our own infrastructure on AWS.

While this could have been doing easier and faster using Ghost hosting... well, this is more fun. The result is a production-grade content platform that runs entirely on AWS services with everything defined as infrastructure as code through CDK.

What We Built

The architecture uses ECS Fargate for containerized Ghost instances, Aurora Serverless for the MySQL database, CloudFront for global content delivery, and S3 for image storage. Beyond the core hosting, we implemented automated content workflows with Lambda functions, time-gated access for paid members, webhook integrations for external services, and custom llms.txt generation.

The entire infrastructure deploys through AWS CDK with TypeScript. Every component is version-controlled, reproducible, and can be spun up in any AWS account. We structured the code as reusable constructs that handle specific aspects of the deployment, from database configuration to CDN caching strategies.

Why Document This

Setting up Ghost on AWS properly requires solving numerous interconnected challenges. The official Ghost documentation assumes managed hosting or simple VPS deployments. AWS's container services add layers of complexity around networking, secrets management, and service discovery. Combining these technologies requires specific knowledge that isn't well documented elsewhere.

We encountered and solved issues with CloudFront caching with Ghost's member authentication, WAF rules that blocked legitimate webhook traffic, and several other niche problems. We also added some custom features using Ghosts's excellent flexibility. This series will document those solutions and features.

What's Coming

Over the next several weeks, we'll publish detailed implementation guides for each component of the infrastructure. The first post will cover the core AWS infrastructure setup with complete CDK code. Subsequent posts will dive into specific topics like storage configuration, email setup, content migration tools, and advanced features we've implemented.

Each post will include working code and troubleshooting guides based on actual production experience. The goal is to provide everything needed to replicate this infrastructure, whether you adopt the complete platform or just specific components.

This series is for developers who want to run Ghost professionally on AWS, teams already invested in AWS infrastructure, and anyone interested in modern containerized application deployment patterns. While Ghost is the application we're hosting, many of the patterns and solutions apply to any containerized web application on AWS.

Ghost on AWS: Core Infrastructure with CDK

Ghost requires a MySQL database, persistent storage for content and images, and a way to handle traffic at scale. AWS provides these through RDS Aurora, EFS, S3, and ECS Fargate. This post walks through deploying the core infrastructure using AWS CDK, which allows us to define everything as TypeScript code

subaudCourt Schuett

Ghost on AWS: S3 Storage and CloudFront CDN

Running Ghost in containers presents a storage challenge. Container filesystems are ephemeral - when a container restarts, any locally stored files disappear. This includes all uploaded images, making local storage unsuitable for production Ghost deployments on ECS. The solution uses S3 for persistent storage and CloudFront for global content delivery.

subaudCourt Schuett

Ghost on AWS: Email and Newsletter Automation

Ghost handles email differently than most CMS platforms. It ships with newsletter capabilities built-in but requires external SMTP for transactional emails and lacks automated digest features entirely. This post covers setting up both transactional email through Mailgun and building an automated weekly digest system using AWS Lambda and EventBridge. The

subaudCourt Schuett

Ghost on AWS: ActivityPub Federation

Ghost recently released ActivityPub support, enabling Ghost blogs to participate in the Fediverse alongside Mastodon, Threads, and other federated platforms. Through extensive testing and production deployment, we discovered that the official ActivityPub container has a bug that prevents self-hosted ActivityPub deployments from working. Combined with AWS-specific networking challenges, we had

subaudCourt Schuett

Ghost on AWS: Monitoring, Logging, and Operational Excellence

Running Ghost on AWS requires visibility into application performance, system health, and user experience. Without proper monitoring, you’re flying blind - unable to detect issues before users complain or understand what went wrong when problems occur. This post details a comprehensive monitoring setup that provides complete operational visibility at a

subaudCourt Schuett

Ghost on AWS: Backup and Disaster Recovery

Running Ghost in production requires more than just high availability - you need a comprehensive backup strategy that ensures business continuity when disasters strike. This post details a production-ready backup implementation using AWS Backup that provides automated backups, monitoring, and rapid recovery capabilities for both your database and content. Understanding

subaudCourt Schuett

Ghost on AWS: Webhook Architecture and Time-Gated Content

Ghost CMS provides a powerful webhook system that enables deep customization beyond its built-in features. By building a centralized webhook router with AWS API Gateway and Lambda, you can create a scalable foundation for Ghost integrations. This post explores our production webhook architecture and demonstrates its power through a real

subaudCourt Schuett