How to Install Moodle on Ubuntu 20.04 | 18.04 with Nginx and Let’s Encrypt

Sabtu, 17 Juli 2021

 To get started with installing Moodle, follow the steps below:

Step 1: Install Nginx HTTP Server

Moodle requires a web server to function, and Nginx is one of the most popular opensource web server available today.

To install Nginx on Ubuntu, run the commands below:

sudo apt update
sudo apt install nginx

After installing Nginx, the commands below can be used to stopstart and enable Nginx service to always start up with the server boots.

sudo systemctl stop nginx.service
sudo systemctl start nginx.service
sudo systemctl enable nginx.service

To test whether Nginx is installed and functioning, open your web browser and browse to the server’s IP address or hostname.

http://localhost

nginx default home page test

If you see the above page in your browser, then Nginx is working as expected.

Step 2: Install MariaDB Database Server

You’ll also need a database server to run Moodle. A database server is where Moodle content get stored.

A true open source database server that you can use with Moodle is MariaDB database server. It is fast, secure and the default server for almost all Linux servers.

To install MariaDB, run the commands below:

sudo apt-get install mariadb-server mariadb-client

After installing MariaDB, the commands below can be used to stopstart and enable MariaDB service to always start up when the server boots.

sudo systemctl stop mariadb.service
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Next, run the commands below to secure the database server with a root password if you were not prompted to do so during the installation.

sudo mysql_secure_installation

When prompted, answer the questions below by following the guide.

  • Enter current password for root (enter for none): Just press the Enter
  • Set root password? [Y/n]: Y
  • New password: Enter password
  • Re-enter new password: Repeat password
  • Remove anonymous users? [Y/n]: Y
  • Disallow root login remotely? [Y/n]: Y
  • Remove test database and access to it? [Y/n]:  Y
  • Reload privilege tables now? [Y/n]:  Y

To verify and validate that MariaDB is installed and working, login to the database console using the commands below:

sudo mysql -u root -p

type the root password when prompted.

mariadb welcome

If you see a similar screen as shown above, then the server was successfully installed.

Next, run the commands below to open MariaDB default config file…

sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf

Then add the highlighted lines below and save.

[mysqld]
#
* Basic Settings
#
user = mysql
pid-file = /run/mysqld/mysqld.pid
socket = /run/mysqld/mysqld.sock
#port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
#skip-external-locking
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix = ON

Restart MariaDB after that…

sudo systemctl restart mariadb.service

Step 3: Install PHP 7.4 and Related Modules

Moodle is a PHP based application, and PHP is required to run it. Since some versions of Ubuntu don’t have the latest versions of PHP, you can add a third-party PPA repository to install PHP from there.

The command below will add a third-party PPA to Ubuntu.

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:ondrej/php

Then update and upgrade to PHP 7.4

sudo apt update

Next, run the commands below to install PHP 7.4 and related modules.

sudo apt install php7.4-fpm php7.4-common php7.4-mysql php7.4-gmp php7.4-curl php7.4-intl php7.4-mbstring php7.4-soap php7.4-xmlrpc php7.4-gd php7.4-xml php7.4-cli php7.4-zip

After installing PHP 7.4, go and configure some basic settings that may be required for Moodle to function properly.

Run the commands below to open PHP

sudo nano /etc/php/7.4/fpm/php.ini

Below are good settings to configure for most Moodle websites.

file_uploads = On
allow_url_fopen = On
short_open_tag = On
memory_limit = 256M
cgi.fix_pathinfo = 0
upload_max_filesize = 100M
max_execution_time = 360
date.timezone = America/Chicago

That should get PHP 7.4 installed with some basic settings to allow Moodle to function.

Step 4: Create Moodle Database

When all the servers are installed above, it’s now time to begin setting up Moodle environment. First, run the steps below to create a blank database for Moodle to use.

Logon to MariaDB database console using the commands below:

sudo mysql -u root -p

Then create a database called moodle

CREATE DATABASE moodle;

Next, create a database user called moodleuser and set password

CREATE USER 'moodleuser'@'localhost' IDENTIFIED BY 'new_password_here';

Then grant the user full access to the database.

GRANT ALL ON moodle.* TO 'moodleuser'@'localhost' WITH GRANT OPTION;

Finally, save your changes and exit.

FLUSH PRIVILEGES;
EXIT;

Step 5: Download Moodle

At this point, Moodle is ready to be downloaded and installed. Use the commands below to download the latest version of Moodle. At the time of this writing, the latest version is 38.

To view Moodle releases, see this page.

sudo apt install git curl

After installing git and curl above, change into the Nginx root directory and download Moodle packages from Github… Always replace the branch number with the latest branch.

cd /var/www/
sudo git clone -b MOODLE_38_STABLE git://git.moodle.org/moodle.git moodle

Then run the commands below to set the correct permissions for Moodle to function.

sudo mkdir -p /var/www/moodledata
sudo chown -R www-data:www-data /var/www/
sudo chmod -R 755 /var/www/
sudo chown www-data:www-data /var/www/moodledata

Step 6: Configure Nginx

Below is where you configure Nginx VirtualHost file for the Moodle site you’re creating. This file defines how client requests are handled and processed.

Run the commands below to create a new VirtualHost file called moodle in the /etc/nginx/sites-available/ directory.

sudo nano /etc/nginx/sites-available/moodle

A very good configuration settings for most Moodle site on Nginx server is below. This configuration should work great.

Copy the content below and save into the file created above.

server {
    listen 80;
    listen [::]:80;
    root /var/www/moodle;
    index  index.php index.html index.htm;
    server_name  example.com www.example.com;

    client_max_body_size 100M;
    autoindex off;
    location / {
        try_files $uri $uri/ =404;
    }

    location /dataroot/ {
      internal;
      alias /var/www/moodledata/;
    }

    location ~ [^/].php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

Save the file and exit.

After saving the file above, run the commands below to enable the new site, then restart Nginx server.

sudo ln -s /etc/nginx/sites-available/moodle /etc/nginx/sites-enabled/
sudo systemctl restart nginx.service

At this stage, Moodle is ready and can be launched by going to the server’s IP or hostname.

http://localhost

However, if you want to enable SSL or accept web traffic over HTTPS, then you can continue below to install and configure Let’s Encrypt free SSL certificates.

Step 7: Install Let’s Encrypt Wildcard Certificates

At step 6, Moodle is ready to use without SSL. However, if you want to serve web traffic over HTTPS, then installing and configuring Let’s Encrypt SSL certificate or other public certificates is a must.

To install Let’s Encrypt, run the commands below.

sudo apt update
sudo apt-get install letsencrypt

The commands above will install certbot tool and all dependencies that will be allowed to make the tool function.

Let’s Encrypt provides many ways to challenge you to validate that you own the domain you want to provide SSL certificates for. You will not be able to generate certificates if you can’t prove that you own the domain you want to secure.

For wildcard certificates, the only challenge method Let’s Encrypt accepts is the DNS challenge, which we can invoke via the preferred-challenges=dns flag.

So, to generate a wildcard cert for domain *.example.com, you run the commands below:

sudo certbot certonly --manual --preferred-challenges=dns --email admin@example.com --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d example.com -d *.example.com

The command options above are explained below:

  • certonly:                                     Obtain or renew a certificate, but do not install
  • –manual:                                    Obtain certificates interactively
  • –preferred-challenges=dns:      Use dns to authenticate domain ownership
  • –server:                                      Specify the endpoint to use to generate
  • –agree-tos:                                 Agree to the ACME server’s subscriber terms
  • -d:                                               Domain name to provide certificates for

After executing the command above, Let’s Encrypt will provide a text string to add a text record to your DNS entry…

Example:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None

-------------------------------------------------------------------------------
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: y
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for example.com

-------------------------------------------------------------------------------
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
-------------------------------------------------------------------------------
(Y)es/(N)o: y

-------------------------------------------------------------------------------
Please deploy a DNS TXT record under the name
_acme-challenge.example.com with the following value:

x4MrZ6y-JqFJQRmq_lGi9ReRQHPa1aTC9J2O7wDKzq8

Before continuing, verify the record is deployed.

Go to your DNS provider portal and add a text record for the string above and save…

Let's Encrypt DNS

Wait a few mins before continuing from the prompt.

Some DNS providers take a wile to propagate changes so it may depend on your provider’s platform.

After the changes above and Let’s encrypt is able to validate that you own the domain, you should see a successful message as below:

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/example.com/privkey.pem
   Your cert will expire on 2020-01-09. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"

The wildcard certificate is now generated and ready to be used.

To verify that the certificate is ready, run the commands below:

sudo certbot certificates

That should display similar screen as below:

Found the following certs:
  Certificate Name: example.com
    Domains: *.example.com
    Expiry Date: 2020-01-05 07:48:04+00:00 (VALID: 85 days)
    Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem

Now, Let’s Encrypt’s certificates are valid for 90 days… You’ll want to setup a crob job to automate the renewal process… To do that, open crontab and add the entry below:

sudo crontab -e

Then add the line below and save…

0 1 * * * /usr/bin/certbot renew >> /var/log/letsencrypt/renew.log

Save and you’re done!

With Let’s Encrypt installed, reopen Nginx VirtualHost file created above and add Let’s Encrypt configurations to secure your website.

Run the commands below open the file.

sudo nano /etc/nginx/sites-available/moodle

Then add the highlighted lines to the VirtualHost file as shown below:

server {
    listen 80;
    listen [::]:80;
    server_name *.example.com;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl http2;
    listen [::] 443 ssl http2;
    root /var/www/moodle;
    index  index.php index.html index.htm;
    server_name  example.com www.example.com;

    if ($host != "example.com") {
      return 301 https://example.com$request_uri;
    }

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers 'TLS13+AESGCM+AES128:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 1d;
    ssl_session_tickets off;
    ssl_ecdh_curve X25519:sect571r1:secp521r1:secp384r1;

    client_max_body_size 100M;
    autoindex off;
    location / {
        try_files $uri $uri/ =404;
    }

    location /dataroot/ {
       internal;
       alias /var/www/moodledata/;
    }

    location ~ [^/].php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

After the above, restart Nginx and PHP 7.4-FPM

sudo systemctl reload nginx
sudo systemctl reload php7.4-fpm

Next, open your browser and browse to the server domain name. You should see Moodle setup wizard to complete. Please follow the wizard carefully.

https://example.com/

Then follow the on-screen instructions.

Select the installation language, then click Next to continue.

Moodle Ubuntu setup

On the next screen, choose a database drive [MariaDB] and click Next to continue.

ubuntu moodle install

On this screen, type in the database info you created above, including the database name, username and password.

Then click Next to continue.

Ubuntu install moodle

Here is where you type in the admin username, create a password and other details.

Moodle wizard ubuntu

When you’re done, Moodle should be installed and ready to use. Login as admin and begin configuring your site.

Ubuntu moodle setup

That’s it!

Congratulation! You have successfully installed Moodle CMS on Ubuntu 18.04 | 20.04. If you find any error above, please use the comment form below to report it.

Thanks,


https://websiteforstudents.com/how-to-install-moodle-on-ubuntu-20-04-18-04-with-nginx-and-lets-encrypt/

Install Moodle di Ubuntu Server 20.04 LTS menggunakan LEMP Stack (Nginx, MariaDB, PHP)

Senin, 05 Oktober 2020

 Moodle merupakan CMS (Content Management System) yang sifatnya gratis dan berbentuk open-source. moodle mengusung konsep LMS (Learning Management System), moodle merupakan solusi yang bisa digunakan dalam suatu organisasi untuk menyelenggaran pendidikan secara daring.

Kali ini saya akan membahas bagaimana menginstalasi Moodle menggunakan konsep LEMP Stack (Nginx, Mariadb dan PHP). instalasi ini menggunakan komputer server virtual Ubuntu Server versi 20.04 LTS.

Persiapan kebutuhan :

  • Ubuntu Server 20.04
  • Webserver (Apache/Nginx)
  • PHP 7.0 terbarukan
  • MySQL/MariaDB sebagai database server
  • perisapkan file moodle

Opsional, setelah temen-temen download file moodle.tgz baik dari OS manapun temen-temen dapat memindahkannya file tersebut ke server yang sudah temen-temen siapakan agar pada saat instal moodle temen-temen tidak membutuhkan waktu lama lagi. caranya sebagai berikut :

scp -p /Users/mac/Downloads/moodle-latest-39.tgz joko@192.168.100.80:/home/joko

script di atas menandakan saya memindahkan file dari penyimpanan local komputer saya ke server yang sudah saya siapkan, dalam hal ini saya memindahkan file tersebut ke dalam direktori home

Untuk teman-teman yang ingin mencobanya dapat mengikuti langkah berikut :

Cek IP Address server

# ifconfig

Login dengan menggunakan layanan SSH kemudian melakukan update pada sistem server

#ssh namaserver@IP_Address

contoh : ssh joko@192.168.100.50 kemudian masuk sebagai root admin dan melakukan update system

# sudo su
# sudo apt update && apt upgrade

Setelah selesai selanjutnya Installing Web Server

Installing Webserver Apache :

# sudo apt -y install apache2
# sudo ufw allow 'Apache'

setelah selesai restart Apache :

# sudo systemctl restart apache

Installing Webserver Nginx + MySQL + PHP

# sudo apt install nginx mysql-server php-mysql php-gd php-intl php-xmlrpc php-soap php-cli php-zip php-mbstring php-curl php-xml php-pear php-bcmath php-fpm

langkah diatas apabila jika ingin mengunakan package tetapi jika ingin manual agar lebih rinci proses nya maka dapat mengikuti langkah berikut :

Installing Webserver Nginx

# sudo apt install nginx

Setelah selesai instalasi selanjutnya kemudian memberhentikan layanan Nginx dan melakukan start dan Enable Nginx agar selalu berjalan pada boot.

# sudo systemctl stop nginx.service
# sudo systemctl start nginx.service
# sudo systemctl enable nginx.service

setelah itu cek apakah web server sudah diinstall dengan baik dengan cara ketik http://localhost atau ketikan IP Address Server

Installing MariaDB

# sudo apt install mariadb-server mariadb-client

setelah selesai melakukan install kemudian melakukan stop, start dan enable pada MariaDB agar dapat berjalan pada server boot.

# sudo systemctl stop mariadb.service
# sudo systemctl start mariadb.service
# sudo systemctl enable mariadb.service

Selanjutnya adalah sedikit memberikan konfigurasi pada database server untuk menyelesaikan tahapan instalasinya.

# sudo mysql_secure_installation

Selanjutnya ada memberikan isian jawaban pada tahap installing khusus jika akan memberikan password maka isikan password saja tetapi jika tidak akan memberikan password cukup tekan Enter.

Enter current password for root (enter for none): Just press the [Enter] key, as no password is set by default
Set root password? [Y/n]: Y
New password: Enter password (sukses)
Re-enter new password: Repeat password (sukses)
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y

Pada kasus diatas saya coba memberikan password database server ‘sukses’setelah oke silahkan dicek dengan menuliskan code berikut untuk melihat apakah installasi mariadb telah berhasil : sudo mysql -u root -p

# Optional
konfigurasi file yang berada pada sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf dengan menambahkan code tepat dibawah baris code #skip-external-locking kemudian tambahkan code sehingga hasilnya akan menajdi seperti ini

skip-external-locking
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix = on

Setelah selesai menambahkan code diatas kemudian lakukan restart mariaDB dengan code ini # sudo systemctl restart mariadb.service atau jika tidak melakukan konfigurasi ini langsung ke tahap pembuatan database Moodle saja.

elanjutnya membuat database Moodle *Latihan

# sudo mysql -u root -p 
CREATE DATABASE moodle;
ALTER DATABASE moodle charset=utf8mb4;
ALTER DATABASE moodle CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci;
GRANT ALL ON root.* to moodle@localhost;
GRANT ALL ON moodle.* TO moodle@localhost IDENTIFIED BY 'moodle';
GRANT ALL ON moodle.* TO moodle identified by 'moodle';
FLUSH PRIVILEGES;
EXIT;

Kalau Operasional lapangan
setup root password (jika diperlukan saja)

mysql
mysql> SET PASSWORD FOR root@localhost=PASSWORD('password');

Setup database operasional dengan username & password akses

# mysql -u root -p
Enter password:
create database moodle;
ALTER DATABASE moodle charset=utf8mb4;
ALTER DATABASE moodle CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci;
grant INSERT,SELECT on root.* to moodle@localhost;
grant CREATE, INSERT, SELECT, DELETE, UPDATE on moodle.* to moodle@localhost identified by "moodlepassword";
grant CREATE, INSERT, SELECT, DELETE, UPDATE on moodle.* to moodle identified by "moodlepassword";
exit

Selanjutnya melakukan restart MariaDB

/etc/init.d/mysql restart

Install PHP 7.4 dan Extension

# sudo apt install -y software-properties-common
# sudo add-apt-repository ppa:ondrej/php
# sudo apt update
# sudo apt install -y php7.4-fpm php7.4-common php7.4-mbstring php7.4-xmlrpc php7.4-soap php7.4-gd php7.4-xml php7.4-intl php7.4-mysql php7.4-cli php7.4-ldap php7.4-zip php7.4-curl php7.4-opcache php7.4-dev php7.4-imap php7.4-imagick \
imagemagick git zip libgd-dev

Selanjutnya melakukan edit pada /etc/php/7.4/fpm/php.ini kemudian cari dan rubah konfigurasi yang terdapat dibawah sesuaikan dengan kebutuhan setelah itu restart service. (cgi.fix_pathinfo dihilangkan ; kemudian 1 dirubah menajdi 0)

# sudo vi /etc/php/7.4/fpm/php.ini
short_open_tag = On (Optional)
file_uploads = On
allow_url_fopen = On
upload_max_filesize = 100M
post_max_size = 48M
memory_limit = 512M
max_execution_time = 380
max_input_vars = 3000
max_input_time = 1000
cgi.fix_pathinfo = 0

Install Moodle

Download Language Pack & Moodle

# download Lang
cd /usr/local/src
wget https://download.moodle.org/download.php/direct/langpack/3.8/id.zip
# download Moodle
cd /usr/local/src
wget https://download.moodle.org/download.php/direct/stable38/moodle-latest-38.tgz

Install Language Pack

cd /usr/local/src
mkdir -p /var/moodledata/lang
cp id.zip /var/moodledata/lang
cd /var/moodledata/lang
unzip id.zip
chmod -Rf 777 /var/moodledata/lang/
chown -Rf www-data:www-data /var/moodledata/lang/

Install Moodle

cd /usr/local/src
tar -zxvf moodle-latest-38.tgz
mv moodle /var/www/html/moodle

Melakukan konfigurasi modifkasi directory permission

# sudo chown -R www-data:www-data /var/www/html/moodle/
# sudo chmod -R 755 /var/www/html/moodle/
# sudo chmod -Rf 777 /var/moodledata/
# sudo chown www-data /var/moodledata

Konfigurasi Nginx
Untuk dapat melayani Moodle pada Webserver Nginx maka harus membuat file konfigurasi Blok Server Nginx dibawah kemudian simpan dan keluar.

# sudo nano /etc/nginx/sites-available/moodle
server {
    listen 80;
    listen [::]:80;
    root /var/www/html/moodle;
    index index.php index.html index.htm;
    server_name 192.168.100.67; #set ke IP Address Server Kamu

    location / {
        try_files $uri $uri/ =404;
    }

    location /dataroot/ {
        internal;
        alias /var/www/html/moodledata/;
    }

    location ~ [^/]\.php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

Selanjutnya mengaktifkan Blok Server

# sudo ln -s /etc/nginx/sites-available/moodle /etc/nginx/sites-enabled/

Sesuai selesai mengaktifkan Block Server kemudian dicek apakah sudah berjalan dengan baik dengan memberikan perintah sudo nginx -t
Lalu kemudian restart Nginx

# sudo systemctl restart nginx

Selanjutnya tinggal selesaikan tahap instalasi, untuk Moodle directory biarkan saja dan untuk konfigurasi Data directory dirubah menjadi /var/moodledata