How to Install Moodle eLearning Platform on Rocky Linux 8
On this page
- Prerequisites
- Step 1 - Configure Firewall
- Step 2 - Install Git
- Step 3 - Install and Configure PHP
- Step 4 - Install and Configure MySQL
- Step 5 - Install Nginx
- Step 6 - Install Moodle
- Step 7 - Configure Moodle
- Step 8 - Install SSL
- Step 9 - Configure Nginx
- Step 10 - Configure SELinux
- Step 11 - Completing Moodle Installation
- Conclusion
Moodle is a free, open-source, online Learning Management System (LMS). It allows educators to create a fully functional website for educational courses complete with an online classroom experience. It is written in PHP. It provides a rich set of features including, wiki, grading, assignment submission, online quizzes, discussion boards, and more.
This guide explains how to install Moodle on a Rocky Linux 8 server.
Prerequisites
-
A server running Rocky Linux 8.
-
A domain name pointing to the server. For our tutorial, we will use the
moodle.example.com
domain. -
A non-root user with sudo privileges.
-
Make sure everything is updated.
$ sudo dnf update
-
Install basic utility packages. Some of them may already be installed.
$ sudo dnf install wget curl nano unzip yum-utils -y
Step 1 - Configure Firewall
The first step is to configure the firewall. Rocky Linux uses Firewalld Firewall. Check the firewall's status.
$ sudo firewall-cmd --state running
The firewall works with different zones, and the public zone is the default one that we will use. List all the services and ports active on the firewall.
$ sudo firewall-cmd --permanent --list-services
It should show the following output.
cockpit dhcpv6-client ssh
Moodle needs HTTP and HTTPS ports to function. Open them.
$ sudo firewall-cmd --add-service=http --permanent $ sudo firewall-cmd --add-service=https --permanent
Reload the firewall to apply the changes.
$ sudo firewall-cmd --reload
Step 2 - Install Git
Git is required by Moodle to grab the application files. Install Git.
$ sudo dnf install git
Step 3 - Install and Configure PHP
We need to install PHP 8.0 for Moodle to work for our tutorial. The first step is to grab the Epel repository.
$ sudo dnf install epel-release
Next, install the Remi repository.
$ sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
Check for available PHP streams.
$ dnf module list php -y Rocky Linux 8 - AppStream Name Stream Profiles Summary php 7.2 [d] common [d], devel, minimal PHP scripting language php 7.3 common [d], devel, minimal PHP scripting language php 7.4 common [d], devel, minimal PHP scripting language php 8.0 common [d], devel, minimal PHP scripting language Remi's Modular repository for Enterprise Linux 8 - x86_64 Name Stream Profiles Summary php remi-7.2 common [d], devel, minimal PHP scripting language php remi-7.3 common [d], devel, minimal PHP scripting language php remi-7.4 common [d], devel, minimal PHP scripting language php remi-8.0 common [d], devel, minimal PHP scripting language php remi-8.1 common [d], devel, minimal PHP scripting language Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
The default version is 7.2. Enable Remi's PHP 8.0 repository.
$ sudo dnf module reset php -y $ sudo dnf module enable php:remi-8.0
Install PHP and the required extensions required by Moodle.
$ sudo dnf install graphviz aspell ghostscript clamav php-fpm php-iconv php-curl php-mysqlnd php-cli php-mbstring php-xmlrpc php-soap php-zip php-gd php-xml php-intl php-json php-sodium php-opcache
Verify the installation.
$ php --version PHP 8.0.21 (cli) (built: Jul 6 2022 10:13:53) ( NTS gcc x86_64 ) Copyright (c) The PHP Group Zend Engine v4.0.21, Copyright (c) Zend Technologies with Zend OPcache v8.0.21, Copyright (c), by Zend Technologies
Open the php.ini
file for editing.
$ sudo nano /etc/php.ini
Change the values of the following variables to set the mail attachment size to 25MB.
upload_max_filesize = 25M post_max_size = 25M
Next, uncomment the variable max_input_vars
by removing the semi-colon in front of it and changing its value to 5000.
max_input_vars = 5000
Save the file by pressing Ctrl + X and entering Y when prompted.
Open the file /etc/php-fpm.d/www.conf
.
$ sudo nano /etc/php-fpm.d/www.conf
Find the user=apache
and group=apache
lines in the file and change them as follows.
... ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. ; RPM: apache user chosen to provide access to the same directories as httpd user = nginx ; RPM: Keep a group allowed to write in log dir. group = nginx ...
Next, uncomment the socket file owner, group, and default permission line and alter them as shown below.
; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. ; Default Values: user and group are set as the running user ; mode is set to 0660 listen.owner = nginx listen.group = nginx listen.mode = 0660
Next, comment out the following line as shown by putting a semi-colon in front of it.
;listen.acl_users = apache,nginx
Save the file by pressing Ctrl + X and entering Y when prompted.
Give proper permissions to the PHP session directory.
$ chown -R nginx:nginx /var/lib/php/session/
Enable and start the PHP-FPM service.
$ sudo systemctl enable php-fpm --now
Step 4 - Install and Configure MySQL
Install MySQL server.
$ sudo dnf install mysql-server
Confirm the installation by checking the version.
$ mysql --version mysql Ver 8.0.26 for Linux on x86_64 (Source distribution)
Enable and start the MySQL service.
$ sudo systemctl enable mysqld --now
Run the Secure installation script.
$ sudo mysql_secure_installation
You will receive several prompts. The first prompt will ask whether you want to install the Validate Password Plugin. Press Y to install the plugin. Choose 2 as its security level which will require your password to be at least 8 characters long and include a mix of uppercase, lowercase, numeric, and special characters.
VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component? Press y|Y for Yes, any other key for No: (Press Y) There are three levels of password validation policy: LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: (Type 2)
Next, you will be asked to create a strong root password. Make sure your password matches the requirements of the Validate plugin.
Please set the password for root here. New password: Re-enter new password:
Next, you will be asked several prompts relating to increasing the security of the database. Press Y in each prompt.
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : (Press Y) Remove anonymous users? (Press y|Y for Yes, any other key for No) : (Press Y) Disallow root login remotely? (Press y|Y for Yes, any other key for No) : (Press Y) Remove test database and access to it? (Press y|Y for Yes, any other key for No) : (Press Y) Reload privilege tables now? (Press y|Y for Yes, any other key for No) : (Press Y) Success. All done!
Log in to the MariaDB shell.
$ sudo mysql
Create a database for Moodle.
mysql > CREATE DATABASE moodledb DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
Create an SQL user to access the database. Replace YourPassword23!
with a password of your choice.
mysql > create user 'moodleuser'@'localhost' IDENTIFIED BY 'YourPassword23!';
Grant moodleuser
access to the database.
mysql > GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodledb.* TO 'moodleuser'@'localhost';
Reload the privilege table.
mysql > FLUSH PRIVILEGES;
Exit the shell.
mysql > exit
Step 5 - Install Nginx
Rocky Linux ships with an older version of Nginx. You need to download the official Nginx repository to install the latest version.
Create and open the /etc/yum.repos.d/nginx.repo
file for creating the official Nginx repository.
$ sudo nano /etc/yum.repos.d/nginx.repo
Paste the following code in it.
[nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
Save the file by pressing Ctrl + X and entering Y when prompted.
Install the Nginx server.
$ sudo dnf install nginx
Verify the installation.
$ nginx -v nginx version: nginx/1.22.0
Step 6 - Install Moodle
Create the public directory for Moodle.
$ sudo mkdir /var/www/html/moodle
Give permission to the logged-in user to access the directory.
$ sudo chown -R $USER:$USER /var/www/html/moodle
Switch to the public directory.
$ cd /var/www/html/moodle
Clone the Moodle Github repository.
$ git clone https://github.com/moodle/moodle.git .
Check the list of available branches.
$ git branch -a
For now, MOODLE_400_STABLE
is the latest available version. Create a local branch called MOODLE_400_STABLE
and set it to track the remote branch.
$ git branch --track MOODLE_400_STABLE origin/MOODLE_400_STABLE
Switch to the newly created local branch.
$ git checkout MOODLE_400_STABLE
Create a data directory for Moodle.
$ sudo mkdir /var/moodledata
Give proper permissions to the Moodle data directory.
$ sudo chown -R nginx /var/moodledata $ sudo chmod -R 775 /var/moodledata
Give write permissions on the Moodle directory.
$ sudo chmod -R 755 /var/www/html/moodle
Step 7 - Configure Moodle
Switch to the Moodle directory.
$ cd /var/www/html/moodle
Copy the sample configuration file to create the Moodle configuration file.
$ cp config-dist.php config.php
Open the configuration file for editing.
$ nano config.php
Lok for the database configuration section, then configure the database where all Moodle data will be stored, as shown below.
$CFG->dbtype = 'mysqli'; // 'pgsql', 'mariadb', 'mysqli', 'auroramysql', 'sqlsrv' or 'oci' $CFG->dblibrary = 'native'; // 'native' only at the moment $CFG->dbhost = 'localhost'; // eg 'localhost' or 'db.isp.com' or IP $CFG->dbname = 'moodledb'; // database name, eg moodle $CFG->dbuser = 'moodleuser'; // your database username $CFG->dbpass = 'YourPassword23!'; // your database password $CFG->prefix = 'mdl_'; // prefix to use for all table names
Also, configure the location of the Moodle domain name and the data directory.
$CFG->wwwroot = 'https://moodle.example.com'; $CFG->dataroot = '/var/moodledata';
Save the file by pressing Ctrl + X and entering Y when prompted.
Step 8 - Install SSL
Certbot tool generates SSL certificates using Let's Encrypt API. It requires the EPEL repository but since we have it installed, we can proceed directly. Issue the following command to install it.
$ sudo dnf install certbot
Generate the SSL certificate.
$ sudo certbot certonly --standalone --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d moodle.example.com
The above command will download a certificate to the /etc/letsencrypt/live/moodle.example.com
directory on your server.
Generate a Diffie-Hellman group certificate.
$ sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
Create a challenge web root directory for Let's Encrypt auto-renewal.
$ sudo mkdir -p /var/lib/letsencrypt
Create a Cron Job to renew the SSL. It will run every day to check the certificate and renew it if needed. For that, first, create the file /etc/cron.daily/certbot-renew
and open it for editing.
$ sudo nano /etc/cron.daily/certbot-renew
Paste the following code.
#!/bin/sh certbot renew --cert-name moodle.example.com --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx"
Save the file by pressing Ctrl + X and entering Y when prompted.
Change the permissions on the task file to make it executable.
$ sudo chmod +x /etc/cron.daily/certbot-renew
Step 9 - Configure Nginx
Create and open the file /etc/nginx/conf.d/moodle.conf
for editing.
$ sudo nano /etc/nginx/conf.d/moodle.conf
Paste the following code in it.
# Redirect all non-encrypted to encrypted server { listen 80; listen [::]:80; server_name moodle.example.com; return 301 https://$host$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name moodle.example.com; root /var/www/html/moodle; index index.php; ssl_certificate /etc/letsencrypt/live/moodle.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/moodle.example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/moodle.example.com/chain.pem; ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; access_log /var/log/nginx/moodle.access.log main; error_log /var/log/nginx/moodle.error.log; client_max_body_size 25M; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ ^(.+\.php)(.*)$ { fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_index index.php; fastcgi_pass unix:/run/php-fpm/www.sock; include /etc/nginx/mime.types; include fastcgi_params; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } # Hide all dot files but allow "Well-Known URIs" as per RFC 5785 location ~ /\.(?!well-known).* { return 404; } # This should be after the php fpm rule and very close to the last nginx ruleset. # Don't allow direct access to various internal files. See MDL-69333 location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) { deny all; return 404; } }
Once finished, save the file by pressing Ctrl + X and entering Y when prompted.
Open the file /etc/nginx/nginx.conf
for editing.
$ sudo nano /etc/nginx/nginx.conf
Add the following line before the line include /etc/nginx/conf.d/*.conf;
.
server_names_hash_bucket_size 64;
Save the file by pressing Ctrl + X and entering Y when prompted.
Verify the Nginx configuration file syntax.
$ sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Enable and start the Nginx service to enable the new configuration.
$ sudo systemctl enable nginx --now
If you get the following error, then it is most probably due to SELinux Restrictions.
nginx: [emerg] open() "/var/run/nginx.pid" failed (13: Permission denied)
To fix the error, run the following commands.
$ sudo ausearch -c 'nginx' --raw | audit2allow -M my-nginx $ sudo semodule -X 300 -i my-nginx.pp
Start the Nginx service again.
$ sudo systemctl start nginx
Step 10 - Configure SELinux
Change the file security context for Moodle's web and data directory.
$ sudo semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/moodle' $ sudo semanage fcontext -a -t httpd_sys_rw_content_t '/var/moodledata' $ sudo restorecon -Rv '/var/www/html/moodle' $ sudo restorecon -Rv '/var/moodledata'
Configure SELinux to allow network connections from Moodle.
$ sudo setsebool -P httpd_can_network_connect on
Step 11 - Completing Moodle Installation
Open the URL https://moodle.example.com
in your browser and you will be presented with the following welcome screen.
Press the Continue button to proceed. Next, the installer will check for system requirements.
If everything is ok, then scroll down and click the Continue button to proceed with the installation of files and database setup.
Click the Continue button once the installation is complete. Next, create an administrator account by filling in the account details as requested.
Once finished, scroll down to the page and click Update profile to proceed.
Next, you will be asked to configure Moodle's front page settings.
Configure it as per requirements and click Save changes to proceed to the Moodle dashboard. Next, click on the Skip link at the bottom if you don't want to register your Moodle site with the company.
Now, you can start using the learning platform.
Conclusion
This concludes our tutorial on installing Moodle learning platform on a Rocky Linux 8 server. If you have any questions, post them in the comments below.