Step-by-step Install Guide for Debian: Difference between revisions
(44 intermediate revisions by the same user not shown) | |||
Line 34: | Line 34: | ||
<pre> | <pre> | ||
# aptitude update | # aptitude update | ||
# aptitude dist-upgrade | # aptitude dist-upgrade | ||
</pre> | </pre> | ||
Line 44: | Line 43: | ||
=== Install web server === | === Install web server === | ||
==== Install Apache (skip lighttpd) ==== | |||
At this point we'll need to log in again to the server as root and type: | |||
<pre> | |||
# aptitude install apache2 libapache2-mod-php5 | |||
</pre> | |||
Press Y to continue the install apache2 with php5 enabled. | |||
Install php5 with some modules: | |||
<pre> | |||
# aptitude install php5-cgi php5-gd php5-curl php5-xmlrpc php5-cli | |||
</pre> | |||
Press Y to continue the install. | |||
Restart Apache | |||
<pre> | |||
# /etc/init.d/apache2 restart | |||
</pre> | |||
==== Install lighttpd (skip apache) ==== | ==== Install lighttpd (skip apache) ==== | ||
Line 53: | Line 71: | ||
Press Y to continue the install. | Press Y to continue the install. | ||
We need enable | We need enable FastCGI scripts for php5, for this we need change 10-fastcgi.conf file: | ||
<pre> | <pre> | ||
# lighty-enable-mod | # cat /etc/lighttpd/conf-available/10-fastcgi.conf | sed s/'php4'/'php'/g > 10-fastcgi.conf | ||
# mv 10-fastcgi.conf /etc/lighttpd/conf-available/10-fastcgi.conf | |||
</pre> | |||
then enable FastCGI module in lighttpd: | |||
<pre> | |||
# lighty-enable-mod fastcgi | |||
# /etc/init.d/lighttpd force-reload | # /etc/init.d/lighttpd force-reload | ||
</pre> | </pre> | ||
Line 64: | Line 88: | ||
</pre> | </pre> | ||
Press Y to continue the install. | Press Y to continue the install. | ||
===== Bug's lighttpd ===== | |||
This is for me, since we saw an bug exists in fastcgi, but also another bug exists on having used cgi, if it is enabled, | |||
<pre> | |||
# lighty-enable-mod cgi | |||
# /etc/init.d/lighttpd force-reload | |||
</pre> | |||
the installation can that it does not work, and if it works, the use is going to be terrible. | |||
---- ---Luis Saavedra. | |||
=== Install Database === | |||
==== Install MySQL (skip Postgresql) ==== | |||
At this point we'll need to log in again to the server and type: | |||
<pre> | |||
# aptitude install mysql-server php5-mysql | |||
</pre> | |||
Press ''Y'' to continue the install. | |||
Replace the following string ''NewRootDatabasePassword'' with a secure password of your own choosing. | |||
There is no space between the ''-p'' and the password on the second command. | |||
<pre> | |||
# mysqladmin -u root password NewRootDatabasePassword | |||
# mysqladmin -u root -h localhost password NewRootDatabasePassword -pNewRootDatabasePassword | |||
</pre> | |||
We now need to create the Moodle database and Moodle user in MySQL. | |||
The mysql command will prompt for your ''NewRootDatabasePassword'' (from above). | |||
Replace ''NewMoodleDatabasePassword'' with a secure password of your own choosing. | |||
<pre> | |||
# mysql -u root -p | |||
> CREATE DATABASE moodle DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; | |||
> GRANT ALL PRIVILEGES ON moodle.* TO moodleuser@localhost IDENTIFIED BY 'NewMoodleDatabasePassword'; | |||
> GRANT SELECT,LOCK TABLES on moodle.* TO moodlebackup@localhost IDENTIFIED BY 'MoodleBackupPassword'; | |||
> FLUSH PRIVILEGES; | |||
> QUIT | |||
</pre> | |||
The above also creates a backup user moodlebackup so that you can use ''mysqldump'' to make database backups without accident. | |||
Restart the database so everything is fine. | |||
<pre> | |||
# /etc/init.d/mysql restart | |||
</pre> | |||
==== Install Postgresql (skip MySQL) ==== | |||
Log in again to the server as root and type: | |||
<pre> | |||
# aptitude install postgresql-8.1 php5-pgsql | |||
</pre> | |||
Press Y to continue the install. | |||
We now need to create the database user 'moodleuser'. | |||
<pre> | |||
# su - postgres | |||
$ createuser -D -A -P moodleuser | |||
$ exit | |||
</pre> | |||
Enter in a ''NewMoodleDatabasePassword here'', then answer 'N' to the question. | |||
We now need to create the database 'moodle' for the user 'moodleuser'. | |||
<pre> | |||
# su - postgres | |||
$ createdb -E utf8 -O moodleuser moodle | |||
$ exit | |||
</pre> | |||
Let's now secure the postgresql database with an admin password. | |||
<pre> | |||
# su - postgres | |||
$ psql template1 | |||
# ALTER USER postgres WITH PASSWORD 'NewAdminDatabasePassword'; | |||
# \q | |||
$ exit | |||
</pre> | |||
Edit the file '/etc/postgresql/8.1/main/pg_hba.conf' and on line 79 change the words ''ident sameuser'' to ''md5''. | |||
<pre> | |||
# nano /etc/postgresql/8.1/main/pg_hba.conf | |||
</pre> | |||
Restart the database so everything is fine. | |||
<pre> | |||
# /etc/init.d/postgresql-8.1 restart | |||
</pre> | |||
=== Install Moodle === | |||
Log in again to the server as root and type: | |||
<pre> | |||
# cd /var/www | |||
# wget http://download.moodle.org/stable19/moodle-latest-19.tgz | |||
# tar -xzf moodle-latest-19.tgz | |||
# chown www-data.www-data /var/www/moodle | |||
# mkdir /var/moodledata | |||
# chown www-data.www-data /var/moodledata | |||
</pre> | |||
==== Configure Moodle website ==== | |||
Log in again to the server as root and type: | |||
<pre> | |||
# ifconfig | |||
</pre> | |||
look for your server’s ip address on the 2nd line. On another computer open a web browser and put in your server address: | |||
<pre> | |||
http://yourIP/moodle | |||
</pre> | |||
Complete the Moodle install using a secure username and password | |||
Go to a bar for a few hours. | |||
Come back and tell your boss that you FINALLY got the test server running. | |||
=== Install other software === | |||
==== Virus checking ==== | |||
On the command line, type: | |||
<pre> | |||
# aptitude install clamav | |||
</pre> | |||
Press ''Y'' to continue the install after each of these apt-get commands. | |||
May have to run it again to configure properly, for this, type: | |||
<pre> | |||
# mkdir /var/moodledata/quarantinedir | |||
# chown www-data:www-data /var/moodledata/quarantinedir | |||
</pre> | |||
==== Word Reading==== | |||
On the command line, type: | |||
<pre> | |||
# aptitude install antiword | |||
</pre> | |||
==== LaTeX ==== | |||
On the command line, type: | |||
<pre> | |||
# aptitude install tetex-extra imagemagick | |||
</pre> | |||
==== Spell ==== | |||
On the command line, type: | |||
<pre> | |||
# aptitude install aspell-es | |||
</pre> | |||
==== Compression ==== | |||
On the command line, type: | |||
<pre> | |||
# aptitude install zip unzip | |||
</pre> | |||
== Other Resources == | |||
* [[Step-by-step_Install_Guide_for_Ubuntu| Step-by-step Install Guide for Ubuntu]] | |||
* Debian - [http://www.debian.org/security/ 1] [http://www.us.debian.org/doc/user-manuals#securing 2] security | |||
* Linux - [http://www.linux-sec.net/ 1] [http://www.puschitz.com/SecuringLinux.shtml 2] [http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/ 3] security | |||
* MySQL - [http://dev.mysql.com/doc/refman/5.0/en/security.html 1] [http://www.securityfocus.com/infocus/1667 2] security | |||
* Apache - [http://httpd.apache.org/docs/2.0/misc/security_tips.html 1] [http://www.cisecurity.org/bench_apache.html 2] security | |||
* [http://www.modsecurity.org/documentation/index.html Modsecurity apache2 module] | |||
* Moodle [[Security]] | |||
[[Category:Administrator]] | |||
[[Category:Installation|Debian]] |
Latest revision as of 11:22, 28 August 2008
What you need to start
- etch CD-1
- A test x86 desktop computer, keyboard, monitor, mouse, and firewalled internet connection.
- One hour of time. (seriously!)
Directions
Install Debian
Follow the official guide:
http://www.debian.org/releases/stable/installmanual
Log in the root account and edit the /etc/apt/sources.list file adding the official repository nearest to your connection.
# nano /etc/apt/sources.list
For example, from chili:
deb http://security.debian.org/ etch/updates main contrib
deb-src http://security.debian.org/ etch/updates main contrib
deb http://ftp.cl.debian.org/debian/ etch main contrib
deb-src http://ftp.cl.debian.org/debian/ etch main contrib
Now to get all the security updates.
# aptitude update # aptitude dist-upgrade
And reboot to run on the new kernel! (if it is the case)
# reboot
Install web server
Install Apache (skip lighttpd)
At this point we'll need to log in again to the server as root and type:
# aptitude install apache2 libapache2-mod-php5
Press Y to continue the install apache2 with php5 enabled.
Install php5 with some modules:
# aptitude install php5-cgi php5-gd php5-curl php5-xmlrpc php5-cli
Press Y to continue the install.
Restart Apache
# /etc/init.d/apache2 restart
Install lighttpd (skip apache)
At this point we'll need to log in again to the server as root and type:
# aptitude install lighttpd
Press Y to continue the install.
We need enable FastCGI scripts for php5, for this we need change 10-fastcgi.conf file:
# cat /etc/lighttpd/conf-available/10-fastcgi.conf | sed s/'php4'/'php'/g > 10-fastcgi.conf # mv 10-fastcgi.conf /etc/lighttpd/conf-available/10-fastcgi.conf
then enable FastCGI module in lighttpd:
# lighty-enable-mod fastcgi # /etc/init.d/lighttpd force-reload
and install php5 with some modules:
# aptitude install php5-cgi php5-gd php5-curl php5-xmlrpc php5-cli
Press Y to continue the install.
Bug's lighttpd
This is for me, since we saw an bug exists in fastcgi, but also another bug exists on having used cgi, if it is enabled,
# lighty-enable-mod cgi # /etc/init.d/lighttpd force-reload
the installation can that it does not work, and if it works, the use is going to be terrible.
---Luis Saavedra.
Install Database
Install MySQL (skip Postgresql)
At this point we'll need to log in again to the server and type:
# aptitude install mysql-server php5-mysql
Press Y to continue the install.
Replace the following string NewRootDatabasePassword with a secure password of your own choosing.
There is no space between the -p and the password on the second command.
# mysqladmin -u root password NewRootDatabasePassword # mysqladmin -u root -h localhost password NewRootDatabasePassword -pNewRootDatabasePassword
We now need to create the Moodle database and Moodle user in MySQL.
The mysql command will prompt for your NewRootDatabasePassword (from above). Replace NewMoodleDatabasePassword with a secure password of your own choosing.
# mysql -u root -p > CREATE DATABASE moodle DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; > GRANT ALL PRIVILEGES ON moodle.* TO moodleuser@localhost IDENTIFIED BY 'NewMoodleDatabasePassword'; > GRANT SELECT,LOCK TABLES on moodle.* TO moodlebackup@localhost IDENTIFIED BY 'MoodleBackupPassword'; > FLUSH PRIVILEGES; > QUIT
The above also creates a backup user moodlebackup so that you can use mysqldump to make database backups without accident.
Restart the database so everything is fine.
# /etc/init.d/mysql restart
Install Postgresql (skip MySQL)
Log in again to the server as root and type:
# aptitude install postgresql-8.1 php5-pgsql
Press Y to continue the install.
We now need to create the database user 'moodleuser'.
# su - postgres $ createuser -D -A -P moodleuser $ exit
Enter in a NewMoodleDatabasePassword here, then answer 'N' to the question.
We now need to create the database 'moodle' for the user 'moodleuser'.
# su - postgres $ createdb -E utf8 -O moodleuser moodle $ exit
Let's now secure the postgresql database with an admin password.
# su - postgres $ psql template1 # ALTER USER postgres WITH PASSWORD 'NewAdminDatabasePassword'; # \q $ exit
Edit the file '/etc/postgresql/8.1/main/pg_hba.conf' and on line 79 change the words ident sameuser to md5.
# nano /etc/postgresql/8.1/main/pg_hba.conf
Restart the database so everything is fine.
# /etc/init.d/postgresql-8.1 restart
Install Moodle
Log in again to the server as root and type:
# cd /var/www # wget http://download.moodle.org/stable19/moodle-latest-19.tgz # tar -xzf moodle-latest-19.tgz # chown www-data.www-data /var/www/moodle # mkdir /var/moodledata # chown www-data.www-data /var/moodledata
Configure Moodle website
Log in again to the server as root and type:
# ifconfig
look for your server’s ip address on the 2nd line. On another computer open a web browser and put in your server address:
http://yourIP/moodle
Complete the Moodle install using a secure username and password
Go to a bar for a few hours.
Come back and tell your boss that you FINALLY got the test server running.
Install other software
Virus checking
On the command line, type:
# aptitude install clamav
Press Y to continue the install after each of these apt-get commands.
May have to run it again to configure properly, for this, type:
# mkdir /var/moodledata/quarantinedir # chown www-data:www-data /var/moodledata/quarantinedir
Word Reading
On the command line, type:
# aptitude install antiword
LaTeX
On the command line, type:
# aptitude install tetex-extra imagemagick
Spell
On the command line, type:
# aptitude install aspell-es
Compression
On the command line, type:
# aptitude install zip unzip