Remote Server Setup with Trellis

We’re going to setup a remote server (say hosted on DigitalOcean), with Trellis’ automated deployments. It’s magical. Oddly enough, as of 2018, this guide is still pretty much up date and relatively unchanged.

We started by getting our local environment setup but now we need to get our production environment setup so we can get deploys going from our local machine. With Trellis, provisioning and deploying occurs from the trellis directory.

Remember our structure?      # → Root folder for your project
├── trellis/      # → You'ver clone of Trellis
└── site/         # → A Bedrock-based WordPress site
    └── web/
        ├── app/  # → WordPress content directory (themes, plugins, etc.)
        └── wp/   # → WordPress core (don't touch!)

1. Copy group_vars

Copy your wordpress_sites from your working development site in group_vars/development/wordpress_sites.yml to the production environment group_vars/production/wordpress_sites.yml.

Modify your site and add the necessary settings for remote servers:

  • repo – URL of the Git repo of your Bedrock project (required)
  • repo_subtree_path – relative path to your Bedrock/WP directory in your repo (above) if its not the root (like site/ in roots-example-project)
  • branch – the branch name, tag name, or commit SHA1 you want to deploy (default: master)
  • env – environment variables (very important)
    • auth_key – Generate (required in vault.yml)
    • secure_auth_key – Generate (required in vault.yml)
    • logged_in_key – Generate (required in vault.yml)
    • nonce_key – Generate (required in vault.yml)
    • auth_salt – Generate (required in vault.yml)
    • secure_auth_salt – Generate (required in vault.yml)
    • logged_in_salt – Generate (required in vault.yml)
    • nonce_salt – Generate (required in vault.yml)

You’ve’ll want to make sure that you change all instances of example.local (in your production vars) and switch it to Otherwise you may get some errors.

2. Setup Hosts and Users

Create a Digitalocean droplet configured for Ubuntu 16.04.1 in whatever size you may need.


Once you get your droplet setup, you’ll need to SSH into the server to change the default password DigitalOcean emails you.

Next, add your server IP (from the droplet) to your hosts/<environment>. Specify public SSH keys for users in group_vars/all/users.yml so Trellis can access your droplet. See the Trellis’ SSH Keys docs for more information.

3. Provision

Run ansible-playbook server.yml -e env=<environment>. and Hopefully you get a green light and no errors. If you do get errors, troubleshoot and try again. Trellis has verbose warnings and errors so they don’t leave you high and dry.

4. Deploying

To deploy, ensure that your site folder is in a public repository on Github.

Next, run ssh-add -K, this will add you SSH key to your shh-agent (if you’ve created one, also it’s good practice to add your keys to your Github account). Then, from the Trellis directory, run ./bin/ production and watch as your terminal deploys your most recent commit.

Previous: The WordPress Roots Stack


11 responses to “Remote Server Setup with Trellis”

  1. My provision/deploy worked perfectly in terminal with zero errors but my website isn’t loading, I’m not sure if this is because my domain hasn’t connected to Digital Oceans name servers properly yet, but would you please be able to tell me how I can check the website was deployed properly on digital ocean? I am able to ssh into the droplet.

    Thank you

    1. Howdy!

      Well since you changed your nameserver to DigitalOcean, you can just make these A Records below in your Droplet Dashboard under Networking. Alternatively, if you kept your domain registrars nameservers. Make sure you have the following A Records in place:

      hostname: @       value:
      hostname: wwww    value:

      Where is the IP of the DigitalOcean Droplet.

      That should do the trick. Let me know if that worked out for you.

      1. Yeah I changed to Digital Oceans name servers and added the @/www A records yesterday. Using SSH I have just discovered that my bedrock “web” folder is located in “/srv/www/” on my Digital Ocean droplet. should it be located here? Also when trying to ping my domain in terminal I get a request timeout so maybe the name servers haven’t propagated yet?

        Thank you for your help.

        1. Yeah that’s where it should be. The release folder is timestamped (useful for rolling back to older deploys). I’m pinging here in NYC and I’m not seeing a timeout status.

          1. Thats fine then. And thats strange, were you able to check which IP address it returned?

            Thank you very much!

          2. My terminal is showing:
            And the domain is showing a WP install page in my browser, just a heads up!

            No worries mate!

          3. Wow. Thats the correct IP and exactly what it should be showing for me yet when navigating to the URL nothing loads, I have no clue why this is happening.

            Thank you

  2. Martin Klasson Avatar
    Martin Klasson

    I am miss-reading a vital part.

    I have installed Trellis on my LOCAL machine, and I got a wordpress-site running easily on my localhost so to say. Super easy!

    And I would love to “deploy” this to a server. Which I know can handle this, not Digital Ocean this time.

    Do I have to follow the “install trellis” instructions on my remote host as well, just as I did with composer/virtualbox/vagrant-installs on my laptop?

    1. Howdy! Happy to help demystify this.

      First, you need to provision the server. Run this from the trellis directory:

      ansible-playbook server.yml -e env=production

      Running that command may take 15+ minutes to complete. Next, assuming you have no errors attempting to provision remotely, we can deploy your WordPress theme:

      ./bin/ production

      Now, if everything went off without a hitch, you can visit to switch your default WP theme to your new theme.

      1. Martin Klasson Avatar
        Martin Klasson

        Ah, yeah.

        I see – provisioning the server is done from the local machine.

        There is literally nothing that is supposed to be done at the remote really. I thought it hade to be lots of manual work in the remote as well.

        Looking forward to try this out later today. Thanks for the article and for your reply.

        1. That’s right! The provisioner recipe, is basically all laid out in the server.yml file in the root of your trellis directory.

          So when you run that playbook, it provisions the remote server from your terminal, it’s a pretty dope setup. You can check out the server.yml file here on Github.