RedHat Linux installation: Difference between revisions
Walter Cheuk (talk | contribs) |
Walter Cheuk (talk | contribs) |
||
Line 44: | Line 44: | ||
== Firewall == | == Firewall == | ||
The internal firewall (RHEL since version 7 uses 'firewalld') is on by default. It will block the access to the web server. You may stop it first to test connection: | The internal firewall (RHEL since version 7 uses 'firewalld'[https://firewalld.org/]) is on by default. It will block the access to the web server. You may stop it first to test connection: | ||
<pre> | <pre> |
Revision as of 09:49, 16 September 2019
Server Installation
- Web Server
- Moodle 3.7 needs PHP 7.1; RHEL8 comes with PHP 7.2.[1]
- Database
- Moodle 3.7 needs MariaDB 5.5 or MySQL 5.6; RHEL8 comes with MariaDB 10.3 and MySQL 8.0 (They cannot be installed at the same time).[2]
- BEWARE OF the 'Server with a GUI' option, it may not work as expected.
Note: Set up the firewall if necessary. You probably only need to enable HTTP/HTTPS (and perhaps FTP and SSH) access to your server machine, unless you know the difference.
Network Interface
During installation, under "System" -> "Network & Host Name", remember to enable the NIC. It's not enabled by default.
Configure hostname and domain name
Type system-config-network to open the GUI editor. Click on the DNS tab. In the "DNS Search Path" fill in your domain name for example myuniversity.edu. Now ensure the "Hostname" contains the computer name you will use and click activate to make changes
System Registration
- To receive package updates, create a user account at redhat.com, and then login and register as developer at https://developers.redhat.com/
- Subscribe the system by:
subscription-manager register --auto-attach
Enter the username and password as requested.
- Update the system and then reboot
yum update reboot
See [3]
SELinux
Default RedHat Enterprise Linux comes with SELinux set to 'enforcing'. But this may cause user problem accessing web content placed at directory other than the default directory (/var/www/html) or other access problem. If you are not used to SELinux and setting permissions, it's (maybe less secure but) often easier to lower the SELinux level to 'permissive' or even 'disabled'.
# vi /etc/sysconfig/selinux SELINUX=disabled
See the CentOS [4]
Firewall
The internal firewall (RHEL since version 7 uses 'firewalld'[5]) is on by default. It will block the access to the web server. You may stop it first to test connection:
service firewalld stop
and then either disable it:
chkconfig firewalld off
or enable permanent HTTP access to it, you may want to enable HTTPS as well:
firewall-cmd --permanent --zone=public --add-service=http firewall-cmd --permanent --zone=public --add-service=https
Restart the firewall and then check the allow status:
service firewalld restart firewall-cmd --zone=public --list-services
To use iptables instead of firewalld, see [6]
MariaDB / MySQL
- Make sure at least 'mariadb' and 'mariadb-server' packages are installed.
- (use "mysql" and "mysql-server" for MySQL)
yum install mariadb mariadb-server
- Then get the daemon running, it is not running by default. And set it to auto-start. See also [7]
- (use "mysqld" for MySQL)
service mariadb start; chkconfig mariadb on
- Edit /etc/my.cnf (May be different for MySQL) (MariaDB 10.3 doesn't need this as these are already the default settings.)
vi /etc/my.cnf
Scroll down to the [mysqld] section and under "Basic Settings", add the following line under the last statement.
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix
- If you haven't yet, as root, change the MariaDB/MySQL root password, also secure the installation
- mysql_secure_installation
- Next, set up the MariaDB/MySQL database (see http://moodle.org/doc/?file=install.html#Database for more details)
- Launch MariaDB/MySQL as root
- mysql -u root -p
- (at the password prompt, enter the password from above)
- mysql -u root -p
- At the '>' MariaDB/MySQL prompt, enter the following commands (MariaDB/MySQL commands are ended with a ';')
- CREATE DATABASE mymoodle CHARSET 'utf8mb4';
- ('mymoodle' is the name of the database you would like to use, it will be entered to the Moodle 'config.php' later)
- GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON mymoodle.* TO moodleuser@localhost IDENTIFIED BY 'moodlepass';
- (as above, 'mymoodle', 'moodleuser' and 'moodlepass' will be entered to the Moodle 'config.php' later)
- flush privileges;
- quit
- CREATE DATABASE mymoodle CHARSET 'utf8mb4';
- (! Consider MariaDB/MySQL security - not covered here. If you run a firewall, you don't have too much to worry about.)
Setup Moodle
(I will install under /usr/moodle, data in /usr/moodle_data)
Download
- Download your favourite version of Moodle from moodle.org (.zip archive is easiest)
- as Root create folder under /usr and copy zip
- su
- mkdir /usr/moodle
- mkdir /usr/moodle_data
- cp moodle_111.zip /usr/moodle
- If you prefer you can install the GIT version directly for all the latest features. Instead of downloading and copying the zip file. See Git_for_Administrators for details.
- cd /usr
- git clone git://git.moodle.org/moodle.git
- Or if you prefer you can install the CVS version directly for all the latest features. Instead of downloading and copying the zip file.
- cd /usr/moodle
- cvs -d:pserver:anonymous@uk.cvs.moodle.org:/cvsroot/moodle login
- cvs -z3 -d:pserver:anonymous@uk.cvs.moodle.org:/cvsroot/moodle co moodle
Unpack and set file permission etc
- Still as root we unpack moodle and rename to something appropiate (I have multiple moodle installs, hence this setup). I will call this install mymoodle.
- cd /usr/moodle
- unzip moodle_xxx.zip
- mv moodle mymoodle
- (optional step - I have more than one install under /usr/moodle)
- mkdir /usr/moodle_data/mymoodle
- (same name as the moodle install above)
- chown -R apache:apache /usr/moodle
- (! Giving Apache full rights to your Moodle programs is not secure. Check out the forums for recomendations on how to secure a production environment.)
- chown -R apache:apache /usr/moodle_data
Setup config.php
- Still as root copy and edit the config file, you should know the host/domain name for your server
- cd /usr/moodle/mymoodle
- cp config-dist.php config.php
- vi config.php (or whatever your favourite editor is!)
- Your config.php settings should be something like...
- dbtype = 'mariadb' (use 'mysqli' for MySQL)
- dbhost = 'localhost'
- dbname = 'mymoodle'
- dbuser = 'moodleuser'
- dbpass = 'moodlepass' (<-- better make this something of your own)
- prefix = 'mdl_'
- (Use different prefix if there is more than one instance of Moodle on the same server, and you plan to share the database)
- wwwroot = 'http://myhost.mydomain'
- (If you only want to try moodle out and will not be accessing it from other machines you can use 'http://localhost/mymoodle')
- dataroot = '/usr/moodle_data/mymoodle'
- Save your changes and exit from the editor
Apache
- Install it if it's not installed already.
yum install httpd
or everything
yum install httpd*
- Start it and make it auto-start after reboot:
service httpd start; chkconfig httpd on
- Open a web browser and make sure you can connect to the installed web server and default port (80) of the server. If not OK, it may be blocked by the firewall (see above). Correct the problem before continuing.
- Edit the Apache configuration file
/etc/httpd/conf/httpd.conf
- Right at the end of the file add the following lines:
- <Directory "/usr/moodle/mymoodle"> (the directory used during Moodle installation)
- DirectoryIndex index.php
- AcceptPathInfo on
- AllowOverride None
- Options None
- Order allow,deny
- Allow from all
- </Directory>
- Alias /mymoodle "/usr/moodle/mymoodle"
- Don't insert a space in "allow,deny" (common mistake!)
- You might also want to run through the rest of the config file and make some other (obvious) changes - administrator email and suchlike. Not vital though.
- Run the Services application (same as for Mysql) - tick and start "httpd", then save changes and exit.
Setting Document Root
Edit
/etc/httpd/conf/httpd.conf
Change From: DocumentRoot /var/www/html
Change To: DocumentRoot /var/www/html/mymoodle
If you want the web site to be served as "http://www.whatever.com/mymoodle" instead of "http://www.whatever.com", don't change it, and modify the 'wwwroot' parameter of Moodle 'config.php' file accordingly.
PHP
- Install PHP:
yum install php php-cli php-common php-fpm php-gd php-intl php-json php-mbstring php-mysqlnd php-opcache php-pdo php-xml php-xmlrpc php-pecl-zip php-soap
- Check the installed PHP version:
# php -v
- Restart the web server so that PHP can start working:
service httpd restart
- Create a "phpinfo.php" file within the "/var/www/html" directory (or anywhere the Apache "DocumentRoot" points to) with the following content:
<?php phpinfo(); ?>
And then open web browser and browse to "http://webserver/phpinfo.php" to make sure PHP is working with the web server. Then remove the file for security reason.
Install Moodle
Now everything's ready. Use web browser to open "http://webserver/mymoodle/install.php" to start the installation.
Set up cron job
As root user edit the /etc/crontab file using vi (or another editor) OR you can add a line to the root user's "personal" crontab (don't do both!).
CLI version
- If you wish to place an entry in your root user's crontab use:
crontab -e
- Add the following line:
*/5 * * * * /usr/bin/php /path/to/mymoodle/admin/cli/cron.php
to run the command every 5 minutes.
Web version
- If you wish to place an entry in your root user's crontab use:
- crontab -e
- Add the following line:
- */5 * * * * /usr/bin/wget -O /dev/null http://localhost/mymoodle/admin/cron.php
- (change the URL as appropriate for your site)
- */5 * * * * /usr/bin/wget -O /dev/null http://localhost/mymoodle/admin/cron.php
---
- If you wish to add an entry in /etc/crontab:
- Open the /etc/crontab file in an editor (vi).
- Add the following line:
- */5 * * * * root /usr/bin/wget -O /dev/null http://localhost/mymoodle/admin/cron.php
- (change the URL as appropriate for your site)
- */5 * * * * root /usr/bin/wget -O /dev/null http://localhost/mymoodle/admin/cron.php
---
- In either case, don't forget to save the file and exit (in vi that is <Esc>, then ':wq')
Try your new installation
http://myhost.mydomain/admin or http://myhost.mydomain/mymoodle/admin
or, if you are running the browser on the same machine
http://localhost/admin or http://localhost/mymoodle/admin
Installing SSL certificate
After installing the SSL certificate, change the 'http' to 'https' in the 'wwwroot' parameter of Moodle 'config.php' file.