Skip to content
Ansible role: Add htpasswd protection to Trellis (Bedrock-Ansible) WordPress sites.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.

Bedrock Site protect

This role is specifically crafted to go with Trellis. It will allow you to set Basic authentication on your bedrock websites. This is especially useful during development if you have a staging environment that you don't want the world to see.


This role is made for Trellis (previously known as Bedrock-Ansible), so it depends on it.

Role Variables

The role will read from the wordpress_sites dict set in environments files of Trellis. It will search for the htpasswd key.


      - canonical:
    local_path: '../site' # path targeting local Bedrock site directory (relative to Ansible root)
      enabled: false
      enabled: false
      enabled: false
      - name: user
        password: secret
      - name: user2
        password: secret2

You may want to add the htpasswd block in the vault.yml file so password will be encrypted. You can also set the htpasswd_path to specify the folder used to store htpasswd files. The default is /etc/htpasswd. If you want to set this parameter, it is recommended that you set it in the group_vars/all/main.yml file, so it will be the same for all environments.



Example Playbook

To get started, add this role (louim.bedrock-site-protect) to the requirements.yml file in your Trellis installation like so:

- name: bedrock-site-protect
  src: louim.bedrock-site-protect
  version: 2.0.0

Then re-run the ansible-galaxy install -r requirements.yml to install the new role. You might need to add the -f option to force install of previously downloaded roles.

You will also need to add the role to the server.yml like so:

  ... other Trellis roles ...
  - { role: bedrock-site-protect, tags: [htpasswd] }

Adding / Removing Basic Authentication

To Add: Run the Trellis command to set up your previously configured remote server: ansible-playbook server.yml -e env=<environment> To Remove: Remove the following htpasswd block:

    - name: user
      password: secret

in the wordpress_sites dict set, and reconfigure via: ansible-playbook server.yml -e env=<environment>.



Author Information

© Louis-Michel Couture 2018. Role inspired by ansible-htpasswd by franklinkim

You can’t perform that action at this time.