hostname: infrabase1
Network: 172.16.149.128/25
IP Address : 172.16.149.176
Subnet Mask: 255.255.255.128
Gateway: 172.16.176.129
DNS: 8.8.8.8
sudo user: kedar

Container: webserver
Network: 10.0.3.0/24
IP Address : 10.0.3.211
Subnet Mask: 255.255.255.0
Gateway: 10.0.3.1
DNS: 8.8.8.8
sudo user: kedar

User PC Details
PC type: Desktop
OS: Ubuntu Desktop
IP Address: 172.16.162.65
sudo user:kedar 

Before you proceed

The domain used here is networked.com. This is a dummy domain used only for demonstration and required dns entries for this domain have already been done on a private dns server or in some cases, manual entries have been made to the host file to make the domain and any subdomains reachable on the network. This domain may be owned by someone else and we do not know who it is and we are not linked to them in any ways whatsoever. This domain has been used only for demo purpose. Moodle configured for this domain in this howto is not reachable on public IP. If you try networked.com and find any material that may be suitable / unsuitable to you, we are not the owners of the same and we are not responsible for the content whatsoever.

SSH into the web server

Webserver is a container created on the host server (infrabase1) having an ip address of 10.0.3.211 and is a private IP address. To read on how this container has been made, click here. This container is not reachable from any machine except the host server (infrabase1). To be able to access the web server from any machine on the network that is able to reach the host (infrabase1) server, two things have been done

• For ssh access from User PC (Details mentioned in Infobox on the right, top corner), iptables have been used on host server (infrabase1) for port forwarding. The rule ensures that any request on the host (infrabase1 server), on port number 61300 will be port forwarded to 10.0.3.233 on port number 22.

sudo iptables -t nat -A PREROUTING -p tcp -i eno1 --dport 61300 -j DNAT --to-destination 10.0.3.211:22
sudo iptables -t nat -A PREROUTING -p tcp -i eno1 --dport 61301 -j DNAT --to-destination 10.0.3.137:22
sudo iptables-save
sudo service netfilter-persistent save

If an error is observed while executing the last two commands, install the below two packages and execute the above commands again

sudo apt install netfilter-persistent iptables-persistent

The second iptable rule is for port forwarding for the database server.

• For http access - This is required because Moodle will be served on port 80 by the web server container. Nginx web server has been installed on host server (inrabase1) and is configured as a reverse proxy. This ensures that any port 80 request that hits the infrabase1 server will be redirected to the webserver container ip. Since the web server container is running an apache webserver, depending on the header and configured virtual hosts, apache on webserver container will serve the necessary website. Nginx configuration as a reverse proxy can be found here.

Pre-requisites installation

• Log into the webserver. In this case the host name of the web server is webserver

ssh kedar@172.16.149.176:61300
sudo apt install apache2 php7.2 php7.2-curl php7.2-gd php7.2-intl php7.2-json php7.2-mbstring php7.2-mysql php7.2-soap php7.2-xml php7.2-xmlrpc php7.2-zip libapache2-mod-php7.2 
sudo apt install rsync nano openssl
sudo a2enmod ssl
sudo a2enmod rewrite
sudo systemctl restart apache2
sudo systemctl status apache2

Database Creation

• Database will be created in a mariadb server which is installed into a container created on the host server (infrabase1). DB server address is 10.0.3.137 and port forwarded as explained in step 2 above. Latest mariadb server has been installed and run the below commands after an ssh into the mariadb server.

sudo mysql -u root -p
CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodleuser'@'%' IDENTIFIED BY '123456';
FLUSH PRIVILEGES;
quit;

• Disable bind address argument so that DB server is reachable by any host on the network and is not limited to the localhost

sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf

Search for bind-address argument and comment it by adding a # before the bind-address

#bind-address           = 127.0.0.1

• Restart mariadb

sudo systemctl restart mariadb
sudo systemctl status mariadb

• Changing the file format from default antelope file format to Baracuda file format. This step is necessary because Moodle's mandatory requirement is Baracuda file format. Edit the /etc/mysql/mariadb.conf.d/50-server.cnf file and add the following content in the file under various sections

sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf

[client]
default-character-set = utf8mb4

[mysqld]
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
skip-character-set-client-handshake

[mysql]
default-character-set = utf8mb4

Save the file and exit

sudo systemctl restart mariadb
sudo systemctl status mariadb

Moodle Data Directory & Download Moodle

• Create moodledata directory outside the document root. We prefer to create it on "/" and change owner to www-data:www-data

cd /
sudo mkdir moodledata
sudo chown -R www-data:www-data moodledata/

• Download & extract Moodle in the correct directory, giving permissions to the apache user

cd /var/www/html
sudo mkdir moodle
cd /home/kedar
wget https://download.moodle.org/download.php/direct/stable38/moodle-latest-38.tgz
tar -zxvf moodle-latest-38.tgz
cd moodle
sudo rsync -avz . /var/www/html/moodle
cd /var/www/html
sudo chown -R www-data:www-data moodle/

Create Virtual Host in apache (webserver) & nginx (infrabase1)

Apache

• Copy the template to a new file called as mmodle.conf. Make necessary changes. The file should like below

<VirtualHost connect.networked.com:80>
	ServerAdmin		admin@networked.com
	ServerName		moodle.networked.com
	ServerAlias		moodle
    DocumentRoot    /var/www/html/moodle/

	ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Save the file and exit

sudo a2ensite moodle.conf
sudo systemctl restart apache2