Remote Server Setup with Trellis

Posted by Stephen Petrey on Wednesday, October 18, 2017

We’re going to setup a remote server (say hosted on DigitalOcean), with Trellis’ automated deployments. It’s magical. Oddly enough, as of 2018, this guide is still pretty much up date and relatively unchanged.

We started by getting our local environment setup but now we need to get our production environment setup so we can get deploys going from our local machine. With Trellis, provisioning and deploying occurs from the trellis directory.

Remember our structure?      # → Root folder for your project
├── trellis/      # → You'ver clone of Trellis
└── site/         # → A Bedrock-based WordPress site
    └── web/
        ├── app/  # → WordPress content directory (themes, plugins, etc.)
        └── wp/   # → WordPress core (don't touch!)

1. Copy group_vars

Copy your wordpress_sites from your working development site in group_vars/development/wordpress_sites.yml to the production environment group_vars/production/wordpress_sites.yml.

Modify your site and add the necessary settings for remote servers:

  • repo – URL of the Git repo of your Bedrock project (required)
  • repo_subtree_path – relative path to your Bedrock/WP directory in your repo (above) if its not the root (like site/ in roots-example-project)
  • branch – the branch name, tag name, or commit SHA1 you want to deploy (default: master)
  • env – environment variables (very important)
    • auth_key – Generate (required in vault.yml)
    • secure_auth_key – Generate (required in vault.yml)
    • logged_in_key – Generate (required in vault.yml)
    • nonce_key – Generate (required in vault.yml)
    • auth_salt – Generate (required in vault.yml)
    • secure_auth_salt – Generate (required in vault.yml)
    • logged_in_salt – Generate (required in vault.yml)
    • nonce_salt – Generate (required in vault.yml)

You’ve’ll want to make sure that you change all instances of example.local (in your production vars) and switch it to Otherwise you may get some errors.

2. Setup Hosts and Users

Create a Digitalocean droplet configured for Ubuntu 16.04.1 in whatever size you may need.


Once you get your droplet setup, you’ll need to SSH into the server to change the default password DigitalOcean emails you.

Next, add your server IP (from the droplet) to your hosts/<environment>. Specify public SSH keys for users in group_vars/all/users.yml so Trellis can access your droplet. See the Trellis’ SSH Keys docs for more information.

3. Provision

Run ansible-playbook server.yml -e env=<environment>. and Hopefully you get a green light and no errors. If you do get errors, troubleshoot and try again. Trellis has verbose warnings and errors so they don’t leave you high and dry.

4. Deploying

To deploy, ensure that your site folder is in a public repository on Github.

Next, run ssh-add -K, this will add you SSH key to your shh-agent (if you’ve created one, also it’s good practice to add your keys to your Github account). Then, from the Trellis directory, run ./bin/ production and watch as your terminal deploys your most recent commit.

Previous: The WordPress Roots Stack


Leave a Comment