What you need to start

• etch CD-1
• A test x86 desktop computer, keyboard, monitor, mouse, and firewalled internet connection.
• One hour of time. (seriously!)

Directions

Install Debian

Follow the official guide:

http://www.debian.org/releases/stable/installmanual

Log in the root account and edit the /etc/apt/sources.list file adding the official repository nearest to your connection.

# nano /etc/apt/sources.list  

For example, from chili:

---

deb http://security.debian.org/ etch/updates main contrib
deb-src http://security.debian.org/ etch/updates main contrib

deb http://ftp.cl.debian.org/debian/ etch main contrib
deb-src http://ftp.cl.debian.org/debian/ etch main contrib

---

Now to get all the security updates.

# aptitude update
# aptitude dist-upgrade

And reboot to run on the new kernel! (if it is the case)

# reboot

Install web server

Install Apache (skip lighttpd)

At this point we'll need to log in again to the server as root and type:

# aptitude install apache2 libapache2-mod-php5

Press Y to continue the install apache2 with php5 enabled.

Install php5 with some modules:

# aptitude install php5-cgi php5-gd php5-curl php5-xmlrpc php5-cli

Press Y to continue the install.

Restart Apache

# /etc/init.d/apache2 restart

Install lighttpd (skip apache)

At this point we'll need to log in again to the server as root and type:

# aptitude install lighttpd

Press Y to continue the install.

We need enable FastCGI scripts for php5, for this we need change 10-fastcgi.conf file:

# cat /etc/lighttpd/conf-available/10-fastcgi.conf | sed s/'php4'/'php'/g > 10-fastcgi.conf
# mv 10-fastcgi.conf /etc/lighttpd/conf-available/10-fastcgi.conf

then enable FastCGI module in lighttpd:

# lighty-enable-mod fastcgi
# /etc/init.d/lighttpd force-reload

and install php5 with some modules:

# aptitude install php5-cgi php5-gd php5-curl php5-xmlrpc php5-cli

Press Y to continue the install.

Bug's lighttpd

This is for me, since we saw an bug exists in fastcgi, but also another bug exists on having used cgi, if it is enabled,

# lighty-enable-mod cgi
# /etc/init.d/lighttpd force-reload

the installation can that it does not work, and if it works, the use is going to be terrible.

---

---Luis Saavedra.

Install Database

Install MySQL (skip Postgresql)

At this point we'll need to log in again to the server and type:

# aptitude install mysql-server php5-mysql

Press Y to continue the install.

Replace the following string NewRootDatabasePassword with a secure password of your own choosing.

There is no space between the -p and the password on the second command.

# mysqladmin -u root password NewRootDatabasePassword
# mysqladmin -u root -h localhost password NewRootDatabasePassword -pNewRootDatabasePassword

We now need to create the Moodle database and Moodle user in MySQL.

The mysql command will prompt for your NewRootDatabasePassword (from above). Replace NewMoodleDatabasePassword with a secure password of your own choosing.

# mysql -u root -p
> CREATE DATABASE moodle DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
> GRANT ALL PRIVILEGES ON moodle.* TO moodleuser@localhost IDENTIFIED BY 'NewMoodleDatabasePassword';
> GRANT SELECT,LOCK TABLES on moodle.* TO moodlebackup@localhost IDENTIFIED BY 'MoodleBackupPassword';
> FLUSH PRIVILEGES;
> QUIT

The above also creates a backup user moodlebackup so that you can use mysqldump to make database backups without accident.

Restart the database so everything is fine.

# /etc/init.d/mysql restart

Install Postgresql (skip MySQL)

Log in again to the server as root and type:

# aptitude install postgresql-8.1 php5-pgsql

Press Y to continue the install.

We now need to create the database user 'moodleuser'.

# su - postgres
$ createuser -D -A -P moodleuser
$ exit

Enter in a NewMoodleDatabasePassword here, then answer 'N' to the question.

We now need to create the database 'moodle' for the user 'moodleuser'.

# su - postgres
$ createdb -E utf8 -O moodleuser moodle
$ exit

Let's now secure the postgresql database with an admin password.

# su - postgres
$ psql template1
# ALTER USER postgres WITH PASSWORD 'NewAdminDatabasePassword';
# \q
$ exit

Edit the file '/etc/postgresql/8.1/main/pg_hba.conf' and on line 79 change the words ident sameuser to md5.

# nano /etc/postgresql/8.1/main/pg_hba.conf

Restart the database so everything is fine.

# /etc/init.d/postgresql-8.1 restart

Install Moodle

Log in again to the server as root and type:

# cd /var/www
# wget http://download.moodle.org/stable19/moodle-latest-19.tgz
# tar -xzf moodle-latest-19.tgz
# chown www-data.www-data /var/www/moodle
# mkdir /var/moodledata
# chown www-data.www-data /var/moodledata

Configure Moodle website

Log in again to the server as root and type:

# ifconfig

look for your server’s ip address on the 2nd line. On another computer open a web browser and put in your server address:

http://yourIP/moodle

Complete the Moodle install using a secure username and password

Go to a bar for a few hours.

Come back and tell your boss that you FINALLY got the test server running.

Install other software

Virus checking

On the command line, type:

# aptitude install clamav

Press Y to continue the install after each of these apt-get commands.

May have to run it again to configure properly, for this, type:

# mkdir /var/moodledata/quarantinedir
# chown www-data:www-data /var/moodledata/quarantinedir

Word Reading

On the command line, type:

# aptitude install antiword

LaTeX

On the command line, type:

# aptitude install tetex-extra imagemagick

Spell

On the command line, type:

# aptitude install aspell-es

Compression

On the command line, type:

# aptitude install zip unzip

Other Resources

• Step-by-step Install Guide for Ubuntu
• Debian - 1 2 security
• Linux - 1 2 3 security
• MySQL - 1 2 security
• Apache - 1 2 security
• Modsecurity apache2 module
• Moodle Security