# WordPress Server Automation with Ansible ## Zero-downtime deployments and automated SSL certificates ### Production LEMP stack with development/production parity `~/Code/` ``` $ trellis new example.com Creating new Trellis project in example.com ✓ Generated Trellis project ✓ Generated Bedrock project $ cd example.com/trellis && trellis provision production Provisioning production servers... ✓ Ubuntu 24.04 configured ✓ Nginx + PHP 8.3 + MariaDB installed ✓ Let's Encrypt SSL certificate generated ✓ Server provisioned successfully $ trellis deploy production Deploying example.com to production... ✓ Zero-downtime deployment completed ``` [Read the docs](/trellis/docs/installation/) [View the repo](https://github.com/roots/trellis) ## Trellis CLI & server provisioning Modern command-line interface for managing WordPress servers and deployments. Create DigitalOcean droplets, provision servers, and deploy sites with simple commands powered by Ansible automation. ### WordPress sites configuration `group_vars/development/wordpress_sites.yml` ``` wordpress_sites: example.com: site_hosts: - canonical: example.test redirects: - www.example.test local_path: ../site # path targeting local Bedrock site directory (relative to Ansible root) admin_email: admin@example.test multisite: enabled: false ssl: enabled: false provider: self-signed cache: enabled: false xmlrpc: enabled: false ``` ### Production configuration `group_vars/production/wordpress_sites.yml` ``` wordpress_sites: example.com: site_hosts: - canonical: example.com redirects: - www.example.com local_path: ../site # path targeting local Bedrock site directory (relative to Ansible root) repo: git@github.com:example/example.com.git # replace with your Git repo URL repo_subtree_path: site # relative path to your Bedrock/WP directory in your repo branch: master multisite: enabled: false ssl: enabled: true provider: letsencrypt cache: enabled: true xmlrpc: enabled: false ``` ## Zero-downtime deployments with atomic releases Atomic deployments with automatic rollback capability. Each deploy creates a timestamped release directory, runs Composer install, then atomically switches the symlink. Your site stays online throughout the entire process. ### Deployment process `/srv/www/example.com` ``` $ trellis deploy production Starting deployment... ✓ Creating release: releases/20241002144230 ✓ Updating repository ✓ Creating build archive ✓ Uploading archive ✓ Extracting archive ✓ Running composer install ✓ Updating symlinks ✓ Reloading php8.3-fpm ✓ Deployment completed in 34s $ ls -la current -> releases/20241002144230 releases/ 20241002144230/ 20241002143015/ 20241002141220/ shared/ ``` ### Server inventory `hosts/production` ``` [production] your_server_hostname [web] your_server_hostname ``` ## Production LEMP stack & Ansible automation Complete Ubuntu 24.04 server with Nginx, PHP 8.3, MariaDB, and security hardening. All configured through Ansible playbooks with roles for every component—no fragile bash scripts or manual server setup. ### Server structure `trellis` ``` . ├── ansible.cfg ├── group_vars/ │ ├── all/ │ │ ├── security.yml │ │ ├── users.yml │ │ └── vault.yml │ ├── development/ │ │ └── wordpress_sites.yml │ └── production/ │ └── wordpress_sites.yml ├── hosts/ │ ├── development │ ├── staging │ └── production ├── roles/ │ ├── nginx/ │ ├── php/ │ ├── mariadb/ │ ├── letsencrypt/ │ ├── fail2ban/ │ └── deploy/ ├── deploy.yml ├── server.yml └── trellis.cli.yml ``` ### Performance optimization Nginx FastCGI "micro" caching can be configured with a toggle and optional timeframe. Your WordPress site can be "Reddit proof" just by having a 5 second cache. Built-in Redis support for object caching and session storage, automatically configured and optimized for WordPress performance. ## Development/production parity with Lima VMs Identical environments for development, staging, and production. Use Lima VMs locally to match your production Ubuntu stack, ensuring consistency across all environments. ## A+ SSL rating with Let's Encrypt Automatic SSL certificate generation and renewal with Let's Encrypt. HTTP/2, OCSP stapling, HSTS, and strong cipher suites configured for an A+ SSL Labs rating. [Read the docs](/trellis/docs/installation/) [View the repo](https://github.com/roots/trellis) ## Sponsors - [![Carrot](https://roots.io/build/assets/carrot-U-3tnBjH.svg)](https://carrot.com/) - [![WordPress.com](https://roots.io/build/assets/wordpress-com-COwyg-kV.svg)](https://wordpress.com/) - [![Itineris](https://roots.io/build/assets/itineris-B1enfPfI.svg)](https://www.itineris.co.uk/) - [![Kinsta](https://roots.io/build/assets/kinsta-wOzVJCcU.svg)](https://kinsta.com/?kaid=OFDHAJIXUDIV) Roots is an independent open source org, supported only by developers like you. [Become a sponsor](/sponsors/). ## Recommendations > I helped to deploy/maintain a few sites using Trellis. It was such a superior experience. Shout-out to the Roots team for continually innovating in the WP ecosystem. > > ![Kevin Oh](https://roots.io/build/assets/kevin-oh-DtHD0SpB.jpg) Kevin Oh > In my opinion, the roots.io toolkit is the most sane way to do WordPress in 2023 > > ![Andrew Halliwell](https://roots.io/build/assets/andrew-halliwell-Cg7WRrLV.jpg) Andrew Halliwell > I’ve been using Trellis for a while with a lot of success. All my sites are hosted on DigitalOcean, so using Trellis + DO means I have perfect parity between my dev and production environments. > > ![James DiGioia](https://roots.io/build/assets/james-digioia-DnC96X4Y.jpg) James DiGioia > Can’t believe I have gone without Trellis this long, stoked to get a LEMP stack up and running with a dummy domain under 10 minutes. > > ![Benjamin Jackson](https://roots.io/build/assets/tom-feeley-CjbbT2-7.jpg) Benjamin Jackson > Throughout years of my WordPress era no other server tool served me so well as Trellis. Nginx, HTTPS by Let's Encrypt, firewall, etc. with one config file and one command. Highly recommend. > > ![Dawid Gawel](https://roots.io/build/assets/dawid-gawel-D9Y6M1qW.jpg) Dawid Gawel - Version [v1.31.1](https://github.com/roots/trellis/releases) - [Documentation](/trellis/docs/installation/) - [GitHub](https://github.com/roots/trellis)