Ansible playbooks for a WordPress LEMP stack
Clone or download
retlehs Merge pull request #1042 from roots/ssh-config-vagrant
Add Vagrant ssh-config to ~/.ssh/config on vagrant up
Latest commit 8e22804 Dec 13, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Update Dec 3, 2016
bin Add Vagrant `ssh-config` to `~/.ssh/config` on `vagrant up` Dec 13, 2018
deploy-hooks Python version compatibility fixes Dec 5, 2018
group_vars Re-enable xdebug remote Jun 26, 2018
hosts Update some documentation notes Mar 29, 2016
lib/trellis Fix python 3 Ansible compatibility check Dec 13, 2018
roles Set ansible_python_interpreter in dev Dec 13, 2018
.editorconfig Add reverse_www filter to fix www_redirect Feb 18, 2016
.gitignore Git: Ignore `vagrant.local.yml` Mar 1, 2018
.travis.yml Add Python 3.6 to Travis Dec 5, 2018 Add Vagrant `ssh-config` to `~/.ssh/config` on `vagrant up` Dec 13, 2018 Add Code of Conduct [ci skip] Nov 28, 2017 Initial commit Apr 16, 2014 Update README for 18.04 Dec 12, 2018
Vagrantfile Add Vagrant `ssh-config` to `~/.ssh/config` on `vagrant up` Dec 13, 2018
ansible.cfg Update Ansible default plugin paths in config files (#958) Mar 8, 2018
deploy.yml Python version compatibility fixes Dec 5, 2018
dev.yml Set ansible_python_interpreter in dev Dec 13, 2018
requirements.yml Update logrotate Dec 2, 2018
rollback.yml Ansible 2.4 compatibility Sep 20, 2017
server.yml Set ansible_python_interpreter in dev Dec 13, 2018
vagrant.default.yml Update Vagrant box to ubuntu-18.04 Dec 10, 2018
variable-check.yml Add tags to select includes and tasks Dec 30, 2015
xdebug-tunnel.yml update xdebug tunnel configuration: update ssh connections to allow t… Jun 25, 2018


Release Build Status

Ansible playbooks for setting up a LEMP stack for WordPress.

  • Local development environment with Vagrant
  • High-performance production servers
  • One-command deploys for your Bedrock-based WordPress sites

What's included

Trellis will configure a server with the following and more:

  • Ubuntu 18.04 Bionic LTS
  • Nginx (with optional FastCGI micro-caching)
  • PHP 7.2
  • MariaDB (a drop-in MySQL replacement)
  • SSL support (scores an A+ on the Qualys SSL Labs Test)
  • Let's Encrypt integration for free SSL certificates
  • HTTP/2 support (requires SSL)
  • Composer
  • WP-CLI
  • sSMTP (mail delivery)
  • MailHog
  • Memcached
  • Fail2ban
  • ferm


Full documentation is available at


Make sure all dependencies have been installed before moving on:


The recommended directory structure for a Trellis project looks like:      # → Root folder for the project
├── trellis/      # → Your clone of this repository
└── site/         # → A Bedrock-based WordPress site
    └── web/
        ├── app/  # → WordPress content directory (themes, plugins, etc.)
        └── wp/   # → WordPress core (don't touch!)

See a complete working example in the repo.

  1. Create a new project directory: $ mkdir && cd
  2. Clone Trellis: $ git clone --depth=1 && rm -rf trellis/.git
  3. Clone Bedrock: $ git clone --depth=1 site && rm -rf site/.git

Windows user? Read the Windows docs for slightly different installation instructions. VirtualBox is known to have poor performance in Windows — use VMware or see some possible solutions.

Local development setup

  1. Configure your WordPress sites in group_vars/development/wordpress_sites.yml and in group_vars/development/vault.yml
  2. Ensure you're in the trellis directory: cd trellis
  3. Run vagrant up

Read the local development docs for more information.

Remote server setup (staging/production)

For remote servers, installing Ansible locally is an additional requirement. See the docs for more information.

A base Ubuntu 18.04 (Bionic) server is required for setting up remote servers. OS X users must have passlib installed.

Note: Ubuntu 16.04 (Xenial) is still supported as well. See #992 for details on the minor changes needed to run it.

  1. Configure your WordPress sites in group_vars/<environment>/wordpress_sites.yml and in group_vars/<environment>/vault.yml (see the Vault docs for how to encrypt files containing passwords)
  2. Add your server IP/hostnames to hosts/<environment>
  3. Specify public SSH keys for users in group_vars/all/users.yml (see the SSH Keys docs)
  4. Run ansible-playbook server.yml -e env=<environment> to provision the server

Read the remote server docs for more information.

Deploying to remote servers

  1. Add the repo (Git URL) of your Bedrock WordPress project in the corresponding group_vars/<environment>/wordpress_sites.yml file
  2. Set the branch you want to deploy
  3. Run ./bin/ <environment> <site name>
  4. To rollback a deploy, run ansible-playbook rollback.yml -e "site=<site name> env=<environment>"

Read the deploys docs for more information.


Contributions are welcome from everyone. We have contributing guidelines to help you get started.

Trellis sponsors

Help support our open-source development efforts by becoming a patron.

Kinsta Harness Software KM Digital


Keep track of development and community news.