Quickstart
Get started with Ghostwriter quickly and easily with Docker and Ghostwriter CLI
STOP! Ghostwriter uses Docker Compose. Install Docker before proceeding.
You will need a Docker version >=20 for the Alpine Linux images used for Ghostwriter. Run docker --version to check your installation.
You will need a Docker Compose version >=1.26 to support the compose files. Run docker-compose --version to check your installation.

Getting Started

Ghostwriter comes with the Ghostwriter CLI tool. This tool makes it simple to manage the application. You will use it to install, reconfigure, and upgrade Ghostwriter.
Ghostwriter can run on Windows, macOS, and Linux, so there are multiple versions of Ghostwriter CLI. Pick the appropriate Ghostwriter CLI binary for your operating system.
  • ghostwriter-cli-macos : macOS
  • ghostwriter-cli-linux : Linux amd64
  • ghostwriter-cli.exe : Windows 64-bit
You can rename these binaries without causing any issues. This wiki will always refer to it simply as ghostwriter-cli for commands.

Installing Ghostwriter

You can install Ghostwriter with three basic commands:
1
git clone https://github.com/GhostManager/Ghostwriter.git
2
cd Ghostwriter
3
./ghostwriter-cli install
Copied!
Ghostwriter will create self-signed TLS/SSL certificates. If you'd like to use your own signed certificates, do that now to make things easier. If you don't have them ready, you can always install them later.
There is more information below in Customizing Your Installation.
The last command will take care of everything necessary to install a production (prod) environment for you. That command performs the following actions:
  • Sets up the default server configuration
  • Generates TLS certificates for the server
  • Builds the Docker containers
  • Creates a default admin user with a randomly generated password
If you'd prefer to install a development (dev) environment, you can run:
./ghostwriter-cli install --dev
A development environment is best if you want to change Ghostwriter's codebase or test functionality. Debug logging is enabled, which makes it easier to troubleshoot. The dev installation does not use TLS, so it skips creating certificates.

Accessing Ghostwriter

The Ghostwriter server will now be accessible! Just visit https://127.0.0.1 and authenticate with the admin user. The password is displayed in the Ghostwriter CLI output at the end of the installation.
You can also get the password by running this command:
./ghostwriter-cli config get admin_password
This password is only used for creating the account. You can change it in the admin panel after logging into Ghostwriter. You can also change any other part of the user profile.

Adding More Users

You may create users using the admin panel or ask users to sign-up using /accounts/signup. Filling out a complete profile is recommended. Ghostwriter can use full names for displaying user actions and filling-in report templates.
Django usernames are case-sensitive, so all lowercase is recommended to avoid confusion later.

Customizing Your Installation

You may wish to change some of the configuration options. The following sections outline common customizations.
If you make changes to the configuration, restart Ghostwriter for the changes to take effect:
1
./ghostwriter-cli containers down
2
./ghostwriter-cli containers up
Copied!

Using Your Own Certificates

You can use your own TLS/SSL certificates for Ghostwriter. To swap in your own certificate package:
  1. 1.
    Name the keypair files ghostwriter.key and ghostwriter.crt
  2. 2.
    Name the Diffie-Helman Parameters file dhparam.pem
  3. 3.
    Place all three files inside the ssl directory

Customizing the Date Format

The default format is d M Y which formats dates like so: 3 Jun 2022
This format is the default used in parts of the user interface and reports. You can change the date format with this command:
./ghostwriter-cli config set date_format "d M Y"
When you set DATE_FORMAT use Django's format string values:

Customizing the Domain Name or IP Address

To avoid potential exposure to HTTP Host header attacks, Ghostwriter explicitly checks the hostname against a list of allowed hosts. To access Ghostwriter with your custom domain name or server IP address, you must tell the server to allow new IP addresses or hostnames.
To allow a new IP address or hostname, run this command:
./ghostwriter-cli config allowhost <YOUR DOMAIN NAME OR IP>"
You can use config disallowhost to remove a host you have added to the list.
While not recommended, a wildcard (*) will work, but only *.
A * will allow any hostname or IP address.
Anything like *.myserver.local or 192.168.10.* will not work to allow a host.