diff --git a/home-manager/homeserver.nix b/home-manager/homeserver.nix
index 9161fb5..3d55146 100644
--- a/home-manager/homeserver.nix
+++ b/home-manager/homeserver.nix
@@ -22,6 +22,7 @@
 vikunja_jwtsecret = {};
 vikunja_dbpassword = {};
 vikunja-db_rootpassword = {};
+ ghost_dbpassword = {};
 };
 };
 }
diff --git a/home-manager/homeserver/containers.nix b/home-manager/homeserver/containers.nix
index 83610a8..6ba914f 100644
--- a/home-manager/homeserver/containers.nix
+++ b/home-manager/homeserver/containers.nix
@@ -23,5 +23,6 @@
 ./containers/caddy.nix
 ./containers/site.nix
 ./containers/work_tools.nix
+ ./containers/blog.nix
 ];
 }
diff --git a/home-manager/homeserver/containers/blog.nix b/home-manager/homeserver/containers/blog.nix
new file mode 100644
index 0000000..8e5a123
--- /dev/null
+++ b/home-manager/homeserver/containers/blog.nix
@@ -0,0 +1,49 @@
+{
+ inputs,
+ outputs,
+ lib,
+ config,
+ pkgs,
+ unstablePkgs,
+ ...
+}: {
+ services.podman = {
+ networks = {
+ blog-net = {};
+ };
+ containers = {
+ ghost = {
+ image = "docker.io/library/ghost:alpine";
+ autoUpdate = "registry";
+ network = [
+ "blog-net"
+ "proxy-net"
+ ];
+ environment = {
+ database__client = "mysql";
+ database__connection__host = "ghost-db";
+ database__connection__user = "root";
+ database__connection__password = config.sops.secrets.ghost_dbpassword.path;
+ database__connection__database = "ghost";
+ url = "https://blog.bulba.space";
+ };
+ volumes = [
+ "/home/cianh/blog/content:/var/lib/ghost/content"
+ ];
+ };
+ ghost-db = {
+ image = "docker.io/library/mysql:8.0";
+ autoUpdate = "registry";
+ network = "blog-net";
+ environment = {
+ MYSQL_ROOT_PASSWORD = config.sops.secrets.ghost_dbpassword.path;
+ };
+ volumes = [
+ "/home/cianh/blog/db:/var/lib/mysql"
+ ];
+ };
+ };
+ };
+
+ home.file."caddy/config/subdomains/blog.caddyfile".source = ./caddy_config/subdomains/blog.caddyfile;
+}
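Review bot: Both `database__connection__password` and `MYSQL_ROOT_PASSWORD` in blog.nix are set to `config.sops.secrets.ghost_dbpassword.path`, which in sops-nix is the location of the decrypted file rather than its contents, so the MySQL root password becomes that predictable path string and the encrypted value added in secrets.yaml is never actually used. For the database container the official image reads the value from a file when given `MYSQL_ROOT_PASSWORD_FILE = "/run/secrets/ghost_dbpassword";` together with a read-only mount `"${config.sops.secrets.ghost_dbpassword.path}:/run/secrets/ghost_dbpassword:ro"` in `volumes`. Ghost takes the password value itself, so it needs an env file rendered from the secret at activation time and handed to the container (the podman module's `environmentFile` option, if the home-manager version in use provides it), which also keeps the value out of the world-readable Nix store. Separately, `database__connection__user = "root"` gives the blog process full control of the MySQL instance; a dedicated account created through the image's `MYSQL_USER`/`MYSQL_PASSWORD`/`MYSQL_DATABASE` variables would limit what a compromised Ghost can do. The floating `ghost:alpine` tag combined with `autoUpdate = "registry"` also pulls major releases unattended, so pinning at least a major-version tag is worth considering.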
diff --git a/home-manager/homeserver/containers/caddy_config/subdomains/blog.caddyfile b/home-manager/homeserver/containers/caddy_config/subdomains/blog.caddyfile
new file mode 100644
index 0000000..4a2631d
--- /dev/null
+++ b/home-manager/homeserver/containers/caddy_config/subdomains/blog.caddyfile
@@ -0,0 +1,3 @@
+blog.bulba.space {
+ reverse_proxy ghost:2368
+}
diff --git a/home-manager/secrets.yaml b/home-manager/secrets.yaml
index 61229d8..51ccc39 100644
--- a/home-manager/secrets.yaml
+++ b/home-manager/secrets.yaml
@@ -1,6 +1,7 @@
-vikunja_jwtsecret: ENC[AES256_GCM,data:KPR1aGrXgtWX1jf+CSlKxCpiCo+iqKGQMiqPBL9QgUCVCne+7o8LTRjeZte4w+KxozZeA+f9kcrYMypt16XthQ==,iv:Mb6nFjq6tD+fNyaAGUz9bO9/0kZCE/CysFf2r/+VL9k=,tag:Z4NTEXjWXTiyUuatESPlxQ==,type:str]
-vikunja_dbpassword: ENC[AES256_GCM,data:OVcultYfgnJQhQ2oNWwYfRyAyWnS8g84CcXQMCY2jCw=,iv:L4hL9LSKo2JxSTlKkbgPUdVy6Wm7EeyLyfY2khr3lJw=,tag:a5n3/YYuSzMDkum/4i1BXA==,type:str]
-vikunja-db_rootpassword: ENC[AES256_GCM,data:UuFtVJFfx1rSJXbRonICS4apmwuQs6Qhub62rI2CXjUduX1HNwN/KL0isqM=,iv:EmGYwuTuAMmguXQZfj9Er42rOHZBmvxuVe/X2WlLb1c=,tag:q+Uyau+FggRNpVn2+OaLqw==,type:str]
+vikunja_jwtsecret: ENC[AES256_GCM,data:ncqBJnKHH7XvLS8709KsquxKHvMN07GGFLA5X23uKIOE2nipPMG6wCxvXhvjE1wi+gk7UvTe4BXtwhvc0c86Ww==,iv:P6LI9hVQVJW0wMBWBhZSCNXmVTArX5IA9pTs0YzC7mk=,tag:RUlS/qYLa/fJQDdCJQpZ1w==,type:str]
+vikunja_dbpassword: ENC[AES256_GCM,data:UBGT3U1ykinOio0u0mQQNei9wPeyrRCZT2YJloTMrWY=,iv:6r3r9INjD4epQPrQoI/1Y67Vi08+DhFci29i+R7UbbY=,tag:kLh9MxhEC9s2MoSJEM0MLg==,type:str]
+vikunja-db_rootpassword: ENC[AES256_GCM,data:McnoyCnx8Xo1wYw7OzgRK2osPwJH252OMzKMB830tbbixlZ/dK3Ar32SOzY=,iv:kvAkKooXA3YbJ+5s/oIvK3xeX2sx9ugYnB6j8X7Aiec=,tag:fZElm58Gu5KnsV5+sDxGSw==,type:str]
+ghost_dbpassword: ENC[AES256_GCM,data:QUwDnvLEF1a79xXnXUkBMbvGa9m729uZ0Figve+nFAjQB5NqNVzKVMW6WyXeCysPrIrN6IqndgvrIIfEuGtnOg==,iv:McEaobK1mu/OxGf7CmD1mkCnWKkjkLhZQRU8eHBpNIU=,tag:xxMeHguQpUBcnZ5pLXDNJw==,type:str]
 sops:
 kms: []
 gcp_kms: []
@@ -10,14 +11,14 @@ sops:
 - recipient: age15x4h66uk6ct3436e6r4l0tkpf86e7jzl3lqd2acndq2jjvq5za3stqg2fy
 enc: |
 -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoK21XZ3EvUG0zbW0vcXdn
- RXBHbHRkYnVYU2FuTlFVdUhhQTYwZGNFelVFCmEyQ2l1S2lxeVhHc3dCR3h5WVpv
- WkE1ci8vTGtiTFM0MGJvd3hiRGFkNUkKLS0tIGlXU3JxT2t5a2VBTEF5WVgwellk
- UUxtN2xwM2NyU3RKT1RZTkpkT2ZEYTAKaIouMAelGffEMZI5eyycJQpIdGi3jAS0
- DJ0NrV54goQnUcwGrmn8aHZ6tWpS6nWMI/Ieo2fmATJxB6S5AtSyKg==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzL2tTYzRNd3VQYzJTbDAr
+ VlVXcEwxUXNSVzc4SEV4ZE1NZ0tVK2FoeGlJCkMwSXJVOEw5akpLYys5VndaVU1D
+ QW5nZ21NbFpIaitnRWhnWGJ3VnNkMlkKLS0tIHhvN1hjbm1ET3J4azNucG5CYmpn
+ Wm1SVHRnUGpEZnFNQ056aWtuVDNmNlkKzdi8fXl+2nUy3lGXakBky6Ll113hcAYC
+ y8luIXczuL7R91BfwgwAYGidgFJBzMFuE7By4J8f3RAVW8IrJoW5Xw==
 -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-01-30T02:59:50Z"
- mac: ENC[AES256_GCM,data:SgkPz7H0wTqxHVUN/udFMXShFYdcdpJJWNDBBJKh+/i4j03E/mMd04cKmV9KDJufbkWFWCluit0y6tfnhg83CZp/cgviJf5VMur28UfsmyvVGJqFO51KdtYoH1IB5hZdt2sID/CJ0rCfDZ5qHkzn7tzFpIn38OllMNITM1WM9GM=,iv:OzRDmRm6p5LcwRrW5d0OA0mVRSH09RUjVK20Q+hPOSw=,tag:KW96+/9kqGH48HbHp5FeOA==,type:str]
+ lastmodified: "2025-02-06T22:39:19Z"
+ mac: ENC[AES256_GCM,data:WDdHVKX5/DB6pT4vHMSDh7vM2ryUOBk8ZgthMmPpJ8kDivAKBo34l7s6bsOwzofvl35CiCy2psGYirfa4QjzqcnWPIBwUY57ird0FeFzRlzyeQShaUk50VpsXw8+lbFwUtq8Q5cHGVM/qRTuIurNbclIrpZJ3yJOsCWi0SF7bYk=,iv:6lrOFildBBRtAdC7/vNEGUE9oUub8dC8z3wi5Zi4Ynk=,tag:Jf8PfMP320FNdOS37UQ4ZA==,type:str]
 pgp: []
 unencrypted_suffix: _unencrypted
- version: 3.9.2
+ version: 3.9.4