By the end of this guide you'll have a fully configured Ghost install running in production using MySQL.

You need to install mysql from mysql.com. Add this repo file:

# /etc/yum.repos.d/mysql-community.repo
[mysql57-community]
name=MySQL 5.7 Community Server 
enabled=1
baseurl=http://repo.mysql.com/yum/mysql-5.7-community/fc/$releasever/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

[mysql-connectors-community]
name=MySQL Connectors Community
baseurl=http://repo.mysql.com/yum/mysql-connectors-community/fc/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

[mysql-tools-community]
name=MySQL Tools Community
baseurl=http://repo.mysql.com/yum/mysql-tools-community/fc/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

Then you can install, start and enable mysql

# dnf install mysql-community-server -y
# systemctl start mysqld
# systemctl status mysqld
# systemctl enable mysqld

Get your generated mysql password for root@localhost and change the password

# grep 'temporary password' /var/log/mysqld.log
# mysql -uroot -p
Enter password:
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
mysql> quit

Install nodejs

# dnf install nodejs -y

Install, start and enable nginx

# dnf install nginx -y
# dnf start nginx
# dnf status nginx
# dnf enable nginx

Add a user for running ghost

# useradd ghostd
# passwd ghostd
# usermod -aG wheel ghostd

Now install ghost-cli

# npm install ghost-cli@latest -g

Prepare folder for Ghost install

# mkdir -p /var/www/ghost
# chown ghostd:ghostd /var/www/ghost
# chmod 775 /var/www/ghost

Now you can install Ghost as ghostd user

# su - ghostd
# cd /var/www/ghost/
# ghost install
System checks failed with message: 'Linux version is not Ubuntu 16 or 18'
Some features of Ghost-CLI may not work without additional configuration.
For local installs we recommend using `ghost install local` instead.
? Continue anyway? Yes
? Enter your blog URL: https://fredhs.net
? Enter your MySQL hostname: localhost
? Enter your MySQL username: root
? Enter your MySQL password: [hidden]
? Enter your Ghost database name: ghost_prod
? Do you wish to set up "ghost" mysql user? Yes
? Do you wish to set up Systemd? Yes
? Do you want to start Ghost? Yes

Ghost was installed successfully! To complete setup of your publication, visit: 

    https://fredhs.net/ghost/

Configure your nginx manually

# /etc/nginx/conf.d/fredhs.net-ssl.conf
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name fredhs.net;

    ssl_certificate /etc/letsencrypt/live/fredhs.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/fredhs.net/privkey.pem;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:2368;
        
    }

    client_max_body_size 50m;
}

You can redirect all requests to 443 with this config

# /etc/nginx/conf.d/fredhs.net.conf 
server {
    listen 80;
    listen [::]:80;
    server_name  _;
    return 301 https://$host$request_uri;
}

For this to work you need to edit nginx.conf - comment or remove following lines

# /etc/nginx/nginx.conf
.
.
.
#    server {
#        listen       80 default_server;
#        listen       [::]:80 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#       error_page 404 /404.html;
#           location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
.
.
.

Now you can check your config and reload nginx

# nginx -t
# systemctl reload nginx
# systemctl status nginx

Open ports for nginx in firewall

# firewall-cmd --permanent add-service=http,https
# firewall-cmd --reload