Skip to content

Trellis Docs


There are a few places you'll want to set/change passwords:


  • vault_mysql_root_password
  • vault_users.*.password
  • vault_wordpress_sites.*.env.db_password


  • vault_wordpress_sites.admin_password


  • vault_mail_password

For staging/production environments, it's best to randomly generate longer passwords using something like

You may be concerned about setting plaintext passwords in a Git repository, and you should be. We strongly recommend you encrypt these passwords before committing them to your repo. Trellis is structured to make it easy to enable Ansible Vault to encrypt select files. Alternatively, you could try an option such as git-crypt.


Any type of server configs such as this playbook should always be in a private Git repository.


Last updated

Support Roots

Help us continue to build and maintain our open source projects. We’re a small team of independent developers and every little bit helps.

Sponsor Roots on GitHub

Getting Started