-
GitHub stars
WordPress LEMP stack with PHP 8.3, Composer, WP-CLI and more
Production-ready WordPress servers — Ansible automation, zero-downtime deployments, and Let's Encrypt SSL
Modern server management and deployment for WordPress with Ansible playbooks, automated SSL certificates, and development/production parity.
~/Code/
$ trellis new example.com
Creating new Trellis project in example.com
✓ Generated Trellis project
✓ Generated Bedrock project
$ cd example.com/trellis && trellis provision production
Provisioning production servers...
✓ Ubuntu 24.04 configured
✓ Nginx + PHP 8.3 + MariaDB installed
✓ Let's Encrypt SSL certificate generated
✓ Server provisioned successfully
$ trellis deploy production
Deploying example.com to production...
✓ Zero-downtime deployment completedTrellis CLI & server provisioning
Modern command-line interface for managing WordPress servers and deployments. Create DigitalOcean droplets, provision servers, and deploy sites with simple commands powered by Ansible automation.
WordPress sites configuration
group_vars/development/wordpress_sites.yml
wordpress_sites:
example.com:
site_hosts:
- canonical: example.test
redirects:
- www.example.test
local_path: ../site # path targeting local Bedrock site directory (relative to Ansible root)
admin_email: admin@example.test
multisite:
enabled: false
ssl:
enabled: false
provider: self-signed
cache:
enabled: false
xmlrpc:
enabled: false
Production configuration
group_vars/production/wordpress_sites.yml
wordpress_sites:
example.com:
site_hosts:
- canonical: example.com
redirects:
- www.example.com
local_path: ../site # path targeting local Bedrock site directory (relative to Ansible root)
repo: git@github.com:example/example.com.git # replace with your Git repo URL
repo_subtree_path: site # relative path to your Bedrock/WP directory in your repo
branch: master
multisite:
enabled: false
ssl:
enabled: true
provider: letsencrypt
cache:
enabled: true
xmlrpc:
enabled: false
Zero-downtime deployments with atomic releases
Atomic deployments with automatic rollback capability. Each deploy creates a timestamped release directory, runs Composer install, then atomically switches the symlink. Your site stays online throughout the entire process.
Deployment process
/srv/www/example.com
$ trellis deploy production
Starting deployment...
✓ Creating release: releases/20241002144230
✓ Updating repository
✓ Creating build archive
✓ Uploading archive
✓ Extracting archive
✓ Running composer install
✓ Updating symlinks
✓ Reloading php8.3-fpm
✓ Deployment completed in 34s
$ ls -la
current -> releases/20241002144230
releases/
20241002144230/
20241002143015/
20241002141220/
shared/Server inventory
hosts/production
[production]
your_server_hostname
[web]
your_server_hostname
Production LEMP stack & Ansible automation
Complete Ubuntu 24.04 server with Nginx, PHP 8.3, MariaDB, and security hardening. All configured through Ansible playbooks with roles for every component—no fragile bash scripts or manual server setup.
Server structure
trellis
.
├── ansible.cfg
├── group_vars/
│ ├── all/
│ │ ├── security.yml
│ │ ├── users.yml
│ │ └── vault.yml
│ ├── development/
│ │ └── wordpress_sites.yml
│ └── production/
│ └── wordpress_sites.yml
├── hosts/
│ ├── development
│ ├── staging
│ └── production
├── roles/
│ ├── nginx/
│ ├── php/
│ ├── mariadb/
│ ├── letsencrypt/
│ ├── fail2ban/
│ └── deploy/
├── deploy.yml
├── server.yml
└── trellis.cli.ymlPerformance optimization
Nginx FastCGI "micro" caching can be configured with a toggle and optional timeframe. Your WordPress site can be "Reddit proof" just by having a 5 second cache.
Built-in Redis support for object caching and session storage, automatically configured and optimized for WordPress performance.
Development/production parity with Lima VMs
Identical environments for development, staging, and production. Use Lima VMs locally to match your production Ubuntu stack, ensuring consistency across all environments.
A+ SSL rating with Let's Encrypt
Automatic SSL certificate generation and renewal with Let's Encrypt. HTTP/2, OCSP stapling, HSTS, and strong cipher suites configured for an A+ SSL Labs rating.
Sponsors
Help support our open-source development efforts
Recommendations
I helped to deploy/maintain a few sites using Trellis. It was such a superior experience. Shout-out to the Roots team for continually innovating in the WP ecosystem.
In my opinion, the roots.io toolkit is the most sane way to do WordPress in 2023
I’ve been using Trellis for a while with a lot of success. All my sites are hosted on DigitalOcean, so using Trellis + DO means I have perfect parity between my dev and production environments.
Can’t believe I have gone without Trellis this long, stoked to get a LEMP stack up and running with a dummy domain under 10 minutes.
Throughout years of my WordPress era no other server tool served me so well as Trellis. Nginx, HTTPS by Let's Encrypt, firewall, etc. with one config file and one command. Highly recommend.
Subscribe for updates
Join over 8,000 subscribers on our newsletter to get the latest Roots updates and tips on building better WordPress sites
Looking for WordPress plugin recommendations, the newest modern WordPress projects, and general web development tips and articles?