If you do this in any way, you will end up being responsible for supporting it when they break it on a Friday afternoon.
For clients that want to self-maintain we use beaver builder along with acf and custom post types to balance their ability to update content and have flexibility, while keeping things clean and reliable. This is the right solution.
Plugin and them update installation along with files edits just guarantees the site will get hacked. Having them locked down is one of the greatest benefits of Trellis. It also means random things can get changed without the site being in source control
We always will install plugins for clients for free on any of the sites we host, but they can’t do it them selves because the requests are normally:
- An unnecessary or scary plugin like a file manager or an additional seo or adwords or youtube or gallery plugin when that functionality already exists and they don’t realise
- A piece of crap from themeforest that will break and destroy a live site when there is an alternative you can easily recommend and install instead to get them a good result
- It’s a whole set of new functionality that needs to be through through set up properly and tested, not just dropped on a live site
If they are insistent that they want to play with everything with no knowledge. You should de-bedrock it, hand it over as-is and let them get it installed on their own hosting. Make it clear that it’s not supported as it’s not safe, secure or best-practice.
If a surgeon has a patient that wants to perform procedures on themselves, they don’t help enable it. You don’t want to get involved. If this sounds overly harsh then it’s borne from many weak moments of letting people self-manage when it’s outside their knowledge and skills.