Skip to content
Roots
  • Home page
Trellis

WordPress Server Automation with Ansible

Zero-downtime deployments and automated SSL certificates

Production LEMP stack with development/production parity

~/Code/ 

$ trellis new example.com

Creating new Trellis project in example.com
✓ Generated Trellis project
✓ Generated Bedrock project

$ cd example.com/trellis && trellis provision production

Provisioning production servers...
✓ Ubuntu 24.04 configured
✓ Nginx + PHP 8.3 + MariaDB installed
✓ Let's Encrypt SSL certificate generated
✓ Server provisioned successfully

$ trellis deploy production

Deploying example.com to production...
✓ Zero-downtime deployment completed
Read the docs View the repo

Trellis CLI & server provisioning

Modern command-line interface for managing WordPress servers and deployments. Create DigitalOcean droplets, provision servers, and deploy sites with simple commands powered by Ansible automation.

WordPress sites configuration

group_vars/development/wordpress_sites.yml 

wordpress_sites:
  example.com:
    site_hosts:
      - canonical: example.test
        redirects:
          - www.example.test
    local_path: ../site # path targeting local Bedrock site directory (relative to Ansible root)
    admin_email: admin@example.test
    multisite:
      enabled: false
    ssl:
      enabled: false
      provider: self-signed
    cache:
      enabled: false
    xmlrpc:
      enabled: false

Production configuration

group_vars/production/wordpress_sites.yml 

wordpress_sites:
  example.com:
    site_hosts:
      - canonical: example.com
        redirects:
          - www.example.com
    local_path: ../site # path targeting local Bedrock site directory (relative to Ansible root)
    repo: git@github.com:example/example.com.git # replace with your Git repo URL
    repo_subtree_path: site # relative path to your Bedrock/WP directory in your repo
    branch: master
    multisite:
      enabled: false
    ssl:
      enabled: true
      provider: letsencrypt
    cache:
      enabled: true
    xmlrpc:
      enabled: false

Zero-downtime deployments with atomic releases

Atomic deployments with automatic rollback capability. Each deploy creates a timestamped release directory, runs Composer install, then atomically switches the symlink. Your site stays online throughout the entire process.

Deployment process

/srv/www/example.com 

$ trellis deploy production

Starting deployment...
✓ Creating release: releases/20241002144230
✓ Updating repository
✓ Creating build archive
✓ Uploading archive
✓ Extracting archive
✓ Running composer install
✓ Updating symlinks
✓ Reloading php8.3-fpm
✓ Deployment completed in 34s

$ ls -la

current -> releases/20241002144230
releases/
  20241002144230/
  20241002143015/
  20241002141220/
shared/

Server inventory

hosts/production 

[production]
your_server_hostname

[web]
your_server_hostname

Production LEMP stack & Ansible automation

Complete Ubuntu 24.04 server with Nginx, PHP 8.3, MariaDB, and security hardening. All configured through Ansible playbooks with roles for every component—no fragile bash scripts or manual server setup.

Server structure

trellis 

.
├── ansible.cfg
├── group_vars/
│   ├── all/
│   │   ├── security.yml
│   │   ├── users.yml
│   │   └── vault.yml
│   ├── development/
│   │   └── wordpress_sites.yml
│   └── production/
│       └── wordpress_sites.yml
├── hosts/
│   ├── development
│   ├── staging
│   └── production
├── roles/
│   ├── nginx/
│   ├── php/
│   ├── mariadb/
│   ├── letsencrypt/
│   ├── fail2ban/
│   └── deploy/
├── deploy.yml
├── server.yml
└── trellis.cli.yml

Performance optimization

Nginx FastCGI "micro" caching can be configured with a toggle and optional timeframe. Your WordPress site can be "Reddit proof" just by having a 5 second cache.

Built-in Redis support for object caching and session storage, automatically configured and optimized for WordPress performance.

Development/production parity with Lima VMs

Identical environments for development, staging, and production. Use Lima VMs locally to match your production Ubuntu stack, ensuring consistency across all environments.

A+ SSL rating with Let's Encrypt

Automatic SSL certificate generation and renewal with Let's Encrypt. HTTP/2, OCSP stapling, HSTS, and strong cipher suites configured for an A+ SSL Labs rating.

Read the docs View the repo

Sponsors

Help support our open-source development efforts

Recommendations

I helped to deploy/maintain a few sites using Trellis. It was such a superior experience. Shout-out to the Roots team for continually innovating in the WP ecosystem.

Kevin Oh Kevin Oh

In my opinion, the roots.io toolkit is the most sane way to do WordPress in 2023

Andrew Halliwell Andrew Halliwell

I’ve been using Trellis for a while with a lot of success. All my sites are hosted on DigitalOcean, so using Trellis + DO means I have perfect parity between my dev and production environments.

James DiGioia James DiGioia

Can’t believe I have gone without Trellis this long, stoked to get a LEMP stack up and running with a dummy domain under 10 minutes.

Benjamin Jackson Benjamin Jackson

Throughout years of my WordPress era no other server tool served me so well as Trellis. Nginx, HTTPS by Let's Encrypt, firewall, etc. with one config file and one command. Highly recommend.

Dawid Gawel Dawid Gawel

Subscribe for updates

Join over 8,000 subscribers on our newsletter to get the latest Roots updates and tips on building better WordPress sites

Looking for WordPress plugin recommendations, the newest modern WordPress projects, and general web development tips and articles?

One last step! Check your email for a verification link.