litesoup

WordPress hosting on your own VPS. Sane defaults, no lock-in.

One bash script turns a fresh Ubuntu 24.04 box into a production-ready WordPress host. Apache + multi-version PHP + MariaDB + Redis + Memcached + TLS + firewall + fail2ban + auto-updates. Each site runs as its own UNIX user with isolated PHP-FPM, never as www-data.

Built for agencies hosting 5–50 sites per box who don’t want to pay $25/month for runcloud and don’t want to babysit Docker.

30-second start 

git clone https://github.com/codetot-web/litesoup.git
cd litesoup
sudo bash install/install-stack.sh
sudo bash site/site-create.sh --domain=example.com --tls=letsencrypt --email=ops@example.com

That’s a working HTTPS WordPress site. ~15 minutes total.

Who this is for

  • Agencies hosting 5–50 client WordPress sites on bare VPSes (DO, Hetzner, Linode).
  • Developers who want bare-metal control without the runcloud / cloudways subscription.
  • Anyone migrating off runcloud / cyberpanel / cloudpanel and wanting their stack in plain bash they can audit and modify.

Who this is not for

  • One-WP-per-host hobby setups — managed WordPress hosts (Kinsta, Pantheon) are easier.
  • 100+ sites/box — you probably want Kubernetes, not bash.
  • Anyone who wants a GUI — there isn’t one (yet — see Roadmap).

What you get out of the box

   
Web Apache 2.4 + mpm_event + http2
PHP 8.0–8.5 side-by-side via Ondrej PPA (CloudPanel mirror fallback for blocked networks)
DB MariaDB 10.x with non-interactive secure baseline
Cache Redis (loopback, requirepass, RAM-tier maxmemory) + Memcached (loopback, UDP off)
TLS Let’s Encrypt automation via certbot timer
WP wp-cli installed, sha512-verified
Security ufw firewall · fail2ban · unattended-upgrades · sshd/apache/php hardening
Per-site One PHP-FPM pool per site owner (UID isolation, open_basedir, FPM tier sizing)

Where to go next

  • Install — full install guide, requirements, env vars, common flags.
  • Sitessite-create, site-set-php, site-set-tier, site-set-tls.
  • Hardening — what’s locked down by default, opt-in stricter posture.
  • Caching — Redis + Memcached + recommended WP cache plugins.
  • Audit — read-only check scripts (WP health, system metrics, vulns, perf drift).
  • Troubleshooting — common issues + fixes.
  • Architecture — how it’s built, why bare-metal apt over Docker.
  • Roadmap — what ships next.
  • Contributing — dev setup, testing, multi-agent dispatch pattern.

License

MIT. Use it, fork it, ship it. No tracking, no telemetry, no upsell.