Deploying Moodle: Difference between revisions

From The Opensource Knowledgebase
Jump to navigation Jump to search
 
(6 intermediate revisions by the same user not shown)
Line 5: Line 5:
<pre>
<pre>
hostname: infrabase1
hostname: infrabase1
Network: 172.16.149.128/25
Network: 10.1.65.0/24
IP Address : 172.16.149.176
IP Address : 10.1.65.11
Subnet Mask: 255.255.255.128
Subnet Mask: 255.255.255.0
Gateway: 172.16.176.129
Gateway: 10.1.65.1
DNS: 8.8.8.8
DNS: 8.8.8.8
sudo user: kedar
sudo user: kedar


Container: webserver
Container: webserver
Network: 10.0.3.0/24
Network: 10.1.65.0/24
IP Address : 10.0.3.211
IP Address : 10.1.65.107
Subnet Mask: 255.255.255.0
Subnet Mask: 255.255.255.0
Gateway: 10.0.3.1
Gateway: 10.1.65.1
DNS: 8.8.8.8
sudo user: kedar
 
Container: db1
Network: 10.1.65.0/24
IP Address : 10.1.65.108
Subnet Mask: 255.255.255.0
Gateway: 10.1.65.1
DNS: 8.8.8.8
DNS: 8.8.8.8
sudo user: kedar
sudo user: kedar
Line 23: Line 31:
PC type: Desktop
PC type: Desktop
OS: Ubuntu Desktop
OS: Ubuntu Desktop
IP Address: 172.16.162.65
IP Address: 10.1.65.160
sudo user:kedar
</pre>
</pre>
|}
|}
=Before you proceed=
=Before you proceed=
The domain used here is '''networked.com'''. This is a dummy domain used only for demonstration and required dns entries for this domain have already been done on a private dns server or in some cases, manual entries have been made to the host file to make the domain and any subdomains reachable on the network. This domain may be owned by someone else and we do not know who it is and we are not linked to them in any ways whatsoever. This domain has been used only for demo purpose. Moodle configured for this domain in this howto is not reachable on public IP. If you try networked.com and find any material that may be suitable / unsuitable to you, we are not the owners of the same and we are not responsible for the content whatsoever.
The domain used here is '''networked.com'''. This is used only for demonstration and required dns entries for this domain have already been done to the host file to make the domain and any subdomains reachable on the network. This domain may be owned by someone else and we do not know who it is and we are not linked to them. Moodle configured for this domain in this howto is not reachable on public IP. If you try networked.com and find any material that may be suitable / unsuitable to you, we are not the owners of the same and we are not responsible for the content.
=SSH into the web server=
Webserver is a container created on the host server (infrabase1) having an ip address of 10.0.3.211 and is a private IP address. To read on how this container has been made, click [https://infrastructure-advisory.org/index.php?title=Virtualization_using_LXC here]. This container is not reachable from any machine except the host server (infrabase1). To be able to access the web server from any machine on the network that is able to reach the host (infrabase1) server, two things have been done
* '''For ssh access''' from User PC (Details mentioned in Infobox on the right, top corner), iptables have been used on host server (infrabase1) for port forwarding. The rule ensures that any request on the host (infrabase1 server), on port number 61300 will be port forwarded to 10.0.3.211 on port number 22.
<syntaxhighlight lang="bash">
sudo iptables -t nat -A PREROUTING -p tcp -i eno1 --dport 61300 -j DNAT --to-destination 10.0.3.211:22
sudo iptables -t nat -A PREROUTING -p tcp -i eno1 --dport 61301 -j DNAT --to-destination 10.0.3.137:22
sudo iptables-save
sudo service netfilter-persistent save
</syntaxhighlight>
If an error is observed while executing the last two commands, install the below two packages and execute the above commands again
: <code> sudo apt install netfilter-persistent iptables-persistent </code>
The second iptable rule is for port forwarding for the database server.
*'''For http access''' - This is required because '''Moodle''' will be served on port 80 by the web server container. Nginx web server has been installed on host server (inrabase1) and is configured as a reverse proxy. This ensures that any port 80 request that hits the infrabase1 server will be redirected to the webserver container ip. Since the web server container is running an apache webserver, depending on the header and configured virtual hosts, apache on webserver container will serve the necessary website. Nginx configuration as a reverse proxy can be found here.


=Introduction=
*We shall be creating a website using moodle with FQDN as: https://moodle.networked.net
*We shall be hosting the site on port number: 443
*We shall be using a self signed SSL certificate
*Host entry to ensure this website is reachable is done in the user PC, in absence of a DNS
=Pre-requisites installation=
=Pre-requisites installation=
* Log into the webserver. In this case the host name of the web server is webserver
* Log into the webserver and run the below commands
<syntaxhighlight lang="bash">
<pre>
ssh kedar@172.16.149.176:61300
ssh kedar@10.1.65.107
sudo apt install apache2 php7.2 php7.2-curl php7.2-gd php7.2-intl php7.2-json php7.2-mbstring php7.2-mysql php7.2-soap php7.2-xml php7.2-xmlrpc php7.2-zip libapache2-mod-php7.2  
sudo apt install apache2 php7.2 php7.2-curl php7.2-gd php7.2-intl php7.2-json php7.2-mbstring php7.2-mysql php7.2-soap php7.2-xml php7.2-zip libapache2-mod-php7.2  
sudo apt install rsync nano openssl
sudo apt install rsync nano openssl
sudo a2enmod ssl
sudo a2enmod ssl
Line 53: Line 52:
sudo systemctl restart apache2
sudo systemctl restart apache2
sudo systemctl status apache2
sudo systemctl status apache2
</syntaxhighlight>
</pre>
 
=Database Creation=
=Database Creation=
*Database will be created in a mariadb server which is installed into a container created on the host server (infrabase1). DB server address is 10.0.3.137 and port forwarded as explained in step 2 above. Latest mariadb server has been installed and run the below commands after an ssh into the mariadb server.
*Database will be created in a mariadb server which is installed into a container created on the host server (infrabase1). Latest mariadb server has been installed and run the below commands after an ssh into the mariadb server.
<syntaxhighlight lang="bash">
<pre>
sudo mysql -u root -p
sudo mysql -u root -p
CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodleuser'@'%' IDENTIFIED BY '123456';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodle'@'%' IDENTIFIED BY '123456';
FLUSH PRIVILEGES;
FLUSH PRIVILEGES;
quit;
quit;
</syntaxhighlight>
</pre>
*Disable bind address argument so that DB server is reachable by any host on the network and is not limited to the localhost
=Create self signed certificates=
<syntaxhighlight lang="bash">
* Log into the webserver and run the below commands
sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
<pre>
</syntaxhighlight>
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/moodle.key -out /etc/ssl/certs/moodle.crt
Search for bind-address argument and comment it by adding a # before the bind-address
</pre>
<syntaxhighlight lang="bash">
* You can use a commercial self signed certificate if you have one or can also use free Lets Encrypt certificate
#bind-address          = 127.0.0.1
</syntaxhighlight>
*Restart mariadb
<syntaxhighlight lang="bash">
sudo systemctl restart mariadb
sudo systemctl status mariadb
</syntaxhighlight>
*Changing the file format from default '''antelope''' file format to '''Baracuda''' file format. This step is necessary because Moodle's mandatory requirement is Baracuda file format. Edit the '''/etc/mysql/mariadb.conf.d/50-server.cnf''' file and add the following content in the file under various sections
<code> sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf </code>
<syntaxhighlight lang="bash">
[client]
default-character-set = utf8mb4
 
[mysqld]
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
skip-character-set-client-handshake
 
[mysql]
default-character-set = utf8mb4
</syntaxhighlight>
 
Save the file and exit
 
<syntaxhighlight lang="bash">
sudo systemctl restart mariadb
sudo systemctl status mariadb
</syntaxhighlight>
= Data Directory=
* Create moodledata directory outside the document root. We prefer to create it on "/" and change owner to www-data:www-data
<syntaxhighlight lang="bash">
cd /
sudo mkdir moodledata
sudo chown -R www-data:www-data moodledata/
</syntaxhighlight>
=Download Moodle=
=Download Moodle=
*Download & extract Moodle in the correct directory, giving permissions to the apache user
*Download & extract Moodle in the correct directory, giving permissions to the apache user
<syntaxhighlight lang="bash">
<pre>
cd /var/www/html
cd /var/www/html
sudo mkdir moodle
sudo mkdir moodle
cd /home/kedar
cd /home/kedar
wget https://download.moodle.org/download.php/direct/stable38/moodle-latest-38.tgz
wget https://download.moodle.org/download.php/direct/stable38/moodle-latest-38.tgz
</pre>
=Deploy Moodle=
* First create a data directory where all moodle data will be stored. Will be creating this folder on the root (/ partition). Will login using root, create the data folder and change the ownership of that folder to the apache user and group
<pre>
sudo su
cd /
mkdir moodledata
chown -R www-data:www-data moodledata
exit
</pre>
* Extract moodle and copy the contents to root folder of moodle in /var/www/html/moodle
<pre>
cd /home/kedar
tar -zxvf moodle-latest-38.tgz
tar -zxvf moodle-latest-38.tgz
cd moodle
cd moodle
Line 120: Line 94:
cd /var/www/html
cd /var/www/html
sudo chown -R www-data:www-data moodle/
sudo chown -R www-data:www-data moodle/
</syntaxhighlight>
</pre>
=Configure virtual hosts=
* Create virtual host for the website
*Copy the template to a new file called as moodle.conf. Make necessary changes. The file should like below
<pre>
<syntaxhighlight lang="bash">
cd /etc/apache2/sites-available
<VirtualHost moodle.networked.com:80>
sudo a2dissite 000-default.conf
ServerAdmin admin@networked.com
sudo a2dissite default-ssl.conf
ServerName moodle.networked.com
sudo nano moodle.conf
ServerAlias moodle
</pre>
     DocumentRoot   /var/www/html/moodle/
* Add the below configuration in the moodle.conf file
<pre>
<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerName     moodle.networked.net
                ServerAlias     moodle
                ServerAdmin     admin@networked.net
                DocumentRoot /var/www/html/moodle


ErrorLog ${APACHE_LOG_DIR}/error.log
                ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
                CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
                SSLEngine on
</syntaxhighlight>
                SSLCertificateFile      /etc/ssl/certs/moodle.crt
*Save the file and exit
                SSLCertificateKeyFile /etc/ssl/private/moodle.key
<syntaxhighlight lang="bash">
<FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
</VirtualHost>
</IfModule>
</pre>
* Enable the site and Restart apache service
<pre>
sudo a2ensite moodle.conf
sudo a2ensite moodle.conf
sudo systemctl restart apache2
sudo sysemctl restart apache2
</syntaxhighlight>
</pre>
* Using a browser navigate to https://moodle.networked.com
** Answer various questions based on some of the steps we have done above like db name, db user, db server etc.
** Login to moodle using the admin credentials


=Install Moodle=
=Cronjob for running all scheduled tasks in moodle=
*Open any browser of your choice and navigate to http://moodle.networked.com
<pre>
*Since moodle.networked.com is not reachable on public IP, it is necessary to either make entry in a local dns server or in the local host file. We have already done it so that moodle.networked.com resolves to the infrabase1 server
sudo su
*Infrabase1 has nginx configured as a reverse proxy and redirects requests for moodle.networked.com on port 80 to the webserver container. This is required as the container is on provate IP managed by the infrabase1 (LXC host).
crontab -u www-data -e
*Webinstaller will start and answer various questions like db name, db username, db host, password etc. If all dependencies are installed, webinstaller will create the necessary tables in mariadb and moodle installation will begin.
* * * * * /usr/bin/php  /var/www/html/moodle/admin/cli/cron.php >/dev/null
*Enjoy using Moodle for corporate L&D initiatives
</pre>
 
=Watch Video=


=Conclusion=
* We have a working moodle website hosted on an apache web server. Explore the plugins and extensions and create a corporate learning portal


[[Category: Intranet Applications]]
[[Category: Intranet Applications]]

Latest revision as of 05:38, 9 June 2020

Setup Details
hostname: infrabase1
Network: 10.1.65.0/24
IP Address : 10.1.65.11
Subnet Mask: 255.255.255.0
Gateway: 10.1.65.1
DNS: 8.8.8.8
sudo user: kedar

Container: webserver
Network: 10.1.65.0/24
IP Address : 10.1.65.107
Subnet Mask: 255.255.255.0
Gateway: 10.1.65.1
DNS: 8.8.8.8
sudo user: kedar

Container: db1
Network: 10.1.65.0/24
IP Address : 10.1.65.108
Subnet Mask: 255.255.255.0
Gateway: 10.1.65.1
DNS: 8.8.8.8
sudo user: kedar

User PC Details
PC type: Desktop
OS: Ubuntu Desktop
IP Address: 10.1.65.160

Before you proceed

The domain used here is networked.com. This is used only for demonstration and required dns entries for this domain have already been done to the host file to make the domain and any subdomains reachable on the network. This domain may be owned by someone else and we do not know who it is and we are not linked to them. Moodle configured for this domain in this howto is not reachable on public IP. If you try networked.com and find any material that may be suitable / unsuitable to you, we are not the owners of the same and we are not responsible for the content.

Introduction

  • We shall be creating a website using moodle with FQDN as: https://moodle.networked.net
  • We shall be hosting the site on port number: 443
  • We shall be using a self signed SSL certificate
  • Host entry to ensure this website is reachable is done in the user PC, in absence of a DNS

Pre-requisites installation

  • Log into the webserver and run the below commands
ssh kedar@10.1.65.107
sudo apt install apache2 php7.2 php7.2-curl php7.2-gd php7.2-intl php7.2-json php7.2-mbstring php7.2-mysql php7.2-soap php7.2-xml php7.2-zip libapache2-mod-php7.2 
sudo apt install rsync nano openssl
sudo a2enmod ssl
sudo a2enmod rewrite
sudo systemctl restart apache2
sudo systemctl status apache2

Database Creation

  • Database will be created in a mariadb server which is installed into a container created on the host server (infrabase1). Latest mariadb server has been installed and run the below commands after an ssh into the mariadb server.
sudo mysql -u root -p
CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodle'@'%' IDENTIFIED BY '123456';
FLUSH PRIVILEGES;
quit;

Create self signed certificates

  • Log into the webserver and run the below commands
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/moodle.key -out /etc/ssl/certs/moodle.crt
  • You can use a commercial self signed certificate if you have one or can also use free Lets Encrypt certificate

Download Moodle

  • Download & extract Moodle in the correct directory, giving permissions to the apache user
cd /var/www/html
sudo mkdir moodle
cd /home/kedar
wget https://download.moodle.org/download.php/direct/stable38/moodle-latest-38.tgz

Deploy Moodle

  • First create a data directory where all moodle data will be stored. Will be creating this folder on the root (/ partition). Will login using root, create the data folder and change the ownership of that folder to the apache user and group
sudo su
cd /
mkdir moodledata
chown -R www-data:www-data moodledata
exit
  • Extract moodle and copy the contents to root folder of moodle in /var/www/html/moodle
cd /home/kedar
tar -zxvf moodle-latest-38.tgz
cd moodle
sudo rsync -avz . /var/www/html/moodle
cd /var/www/html
sudo chown -R www-data:www-data moodle/
  • Create virtual host for the website
cd /etc/apache2/sites-available
sudo a2dissite 000-default.conf
sudo a2dissite default-ssl.conf
sudo nano moodle.conf
  • Add the below configuration in the moodle.conf file
<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerName      moodle.networked.net
                ServerAlias     moodle
                ServerAdmin     admin@networked.net
                DocumentRoot /var/www/html/moodle

                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined
                SSLEngine on
                SSLCertificateFile      /etc/ssl/certs/moodle.crt
                SSLCertificateKeyFile /etc/ssl/private/moodle.key
		<FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
		</VirtualHost>
</IfModule>
  • Enable the site and Restart apache service
sudo a2ensite moodle.conf
sudo sysemctl restart apache2
  • Using a browser navigate to https://moodle.networked.com
    • Answer various questions based on some of the steps we have done above like db name, db user, db server etc.
    • Login to moodle using the admin credentials

Cronjob for running all scheduled tasks in moodle

sudo su
crontab -u www-data -e
* * * * * /usr/bin/php  /var/www/html/moodle/admin/cli/cron.php >/dev/null

Conclusion

  • We have a working moodle website hosted on an apache web server. Explore the plugins and extensions and create a corporate learning portal