How to Install Moodle 3.2 on CentOS 7
Moodle is an open source eLearning software written in PHP. It is used for distance education, e-learning projects, and blended learning. Moodle is an acronym for 'Modular-object-oriented dynamic learning environment', developed by Martin Dougiamas and released under the GPL license to help educators and teachers to create online courses with a focus on interaction and collaborative constructed content.
In this tutorial, I will show you step by step how to install the latest stable Moodle version which is currently 'moodle 3.2'. Moodle will run under the Nginx web server, using a MariaDB database server and using PHP-FPM7.0. For the operating system, we will use CentOS 7.
Prerequisite
- CentOS 7 server
- Root privileges
What we will do:
- Install Nginx
- Install and Configure PHP-FPM
- Install and Configure MariaDB
- Download and Configure Moodle
- Configure SSL and Virtual Host
- Configure SELinux and Firewalld
- Installing Moodle
- Testing
Step 1 - Install Nginx
In this step, we will install Nginx from the epel repository. Nginx is not available on Centos repository by default, so we need to add a new repository 'epel-repository' to install Nginx.
Install the epel-repository with yum command.
yum -y install epel-release
Next, install Nginx from the epel-repository.
yum -y install nginx
When the installation is completed, start Nginx and enable it to start automatically at boot time.
systemctl start nginx
systemctl enable nginx
Nginx has been installed and is running on port 80. Check the open port on the system with netstat.
netstat -plntu
If you do not have the netstat command installed, then you can install the net-tools package to get it.
yum -y install net-tools
Step 2 - Install and Configure PHP-FPM
Moodle 3.2 supports the new PHP 7 version, so we will use PHP 7.0. PHP-FPM 7.0 is not available in the default CentOS repository. There is a third-party repository from 'webtatic' for PHP7 though that I will use here.
Add the new webtatic repository to the system with the rpm command.
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
Next, install PHP-FPM 7.0 with all extensions and packages needed by Moodle.
yum install -y graphviz aspell php70w-fpm php70w-cli php70w-pspell php70w-curl php70w-gd php70w-intl php70w-mysql php70w-xml php70w-xmlrpc php70w-ldap php70w-zip php70w-json php70w-opcache php70w-readline php70w-mbstring php70w-soap
When the installation has been completed, edit the PHP configuration file php.ini with vim.
vim /etc/php.ini
Uncomment the cgi.fix_pathinfo line and change value to 0.
cgi.fix_pathinfo=0
Save the php.ini file and exit vim.
Go to the php-fpm configuration directory and edit the php-fpm configuration file www.conf.
cd /etc/php-fpm.d/
vim www.conf
Change the user and group lines to 'nginx' so that the web server is running under user and group 'nginx'.
user = nginx
group = nginx
Instead of using the server port, we will use a socket file for php-fpm. Change the value of the listen line to '/run/php-fpm/php-fpm.sock'.
listen = /run/php-fpm/php-fpm.sock
Next, uncomment the socket file owner, group and default permission line and alter them as shown as below.
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
Configure the file extensions that PHP will parse.
Allow only .php files.
security.limit_extensions = .php
Uncomment the PHP-FPM environment variable lines below.
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
Save the file and exit the editor.
Now we need to create a new directory for the php session path. Create the new directory and change the owner of the directory to the 'nginx' user and group.
mkdir -p /var/lib/php/session/
chown -R nginx:nginx /var/lib/php/session/
Change owner of the php-fpm socket file directory to nginx user too.
chown -R nginx:nginx /run/php-fpm/
The PHP-FPM configuration has been completed. Start PHP-FPM and add it to automatically start at boot time with the following two systemctl commands.
systemctl start php-fpm
systemctl enable php-fpm
PHP-FPM will run under a socket file, check it to make sure PHP-FPM is running with netstat again.
netstat -lx | grep php-fpm.sock
Step 3 - Install and Configure MariaDB Server
I will use MariaDB as the database server for this tutorial. I will install mariadb-server from the Centos repository and then configure the MariaDB root password, and add a new database and user for Moodle.
Install mariadb-server with the yum command below.
yum -y install mariadb-server mariadb
When the installation has been completed, edit the configuration file my.cnf.
vim /etc/my.cnf
At the end of the '[mysqld]' section, paste the configuration below.
default_storage_engine = innodb
innodb_file_per_table = 1
innodb_file_format = Barracuda
Save and exit, then start MariaDB and enable it to start at boot time.
systemctl start mariadb
systemctl enable mariadb
MariaDB has been installed and is running on port 3306 now, but there is no root password yet, so we need to configure it. Use the command below to set a new MySQL root password.
mysql_secure_installation
You will be asked for a new MySQL root password.
Set root password? [Y/n] Y
New password:
Re-enter new password:
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
MariaDB configuration is done.
Next, connect to the MySQL shell with the 'mysql' command, then create a new database and user for Moodle, grant privileges for the database to the new user.
Connect to the mysql shell.
mysql -u root -p
TYPE YOUR PASSWORD
Run the mysql queries below to create a new user 'moodleuser' with password 'hakaselabs123' and a new database 'moodledb', then grant all privileges of the database to the new user. Please choose a different and secure password on your server!
CREATE DATABASE moodledb DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'moodleuser'@'localhost' IDENTIFIED BY 'hakaselabs123';
GRANT ALL PRIVILEGES ON moodledb.* TO 'moodleuser'@'localhost' IDENTIFIED BY 'hakaselabs123';
FLUSH PRIVILEGES;
User and database for Moodle have been created.
Step 4 - Download and Configure Moodle
We will download Moodle directly from the GitHub repository, so we need the git command on the system. Install git with yum as shown below.
yum -y install git
Next, create a new web root '/var/www/' directory.
mkdir -p /var/www/
Go to the '/var/www/' directory and clone Moodle from the GitHub repository.
cd /var/www/
git clone https://github.com/moodle/moodle.git
Then go to the 'moodle' directory and check the available Moodle branches.
cd moodle/
git branch -a
List the Moodle stable branches, choose the latest stable branch and checkout latest stable branch version.
git branch --track MOODLE_32_STABLE orogin/MOODLE_32_STABLE
git checkout MOODLE_32_STABLE
Now you should be in the latest stable branch of Moodle, you can check that with the git command below.
git status
You will see results below.
# On branch MOODLE_32_STABLE
nothing to commit, working directory clean
Now create a new directory 'moodledata' and make sure the owner of the directory is the 'nginx' user and group.
mkdir -p /var/moodledata
chown -R nginx:nginx /var/moodledata
chmod 777 /var/moodledata
Change the owner of the moodle directory to the 'nginx' user.
chown -R nginx:nginx /var/www/moodle
chmod 755 /var/www/moodle
Moodle has been Downloaded.
Step 5 - Configure SSL and Virtual Host
We will run Moodle o a nginx web server with a secure HTTPS connection. When you are on a live server, then you can use your own certificate file or use a free certificate from let's encrypt. I'm here on my local computer, so I just can generate a new self-signed certificate file on my own.
Create a SSL directory and generate the new certificate files with the openssl command below.
mkdir -p /etc/nginx/ssl/
openssl req -new -x509 -days 365 -nodes -out /etc/nginx/ssl/moodle.crt -keyout /etc/nginx/ssl/moodle.key
Change permission of the private key.
chmod 600 /etc/nginx/ssl/moodle.key
Next, go to the nginx configuration directory using cd command and create a new virtual host file for moodle in the 'conf.d' directory.
cd /etc/nginx/
vim conf.d/moodle.conf
Paste nginx moodle virtual host below.
# PHP Upstream Handler
upstream php-handler {
server unix:/run/php-fpm/php-fpm.sock;
}
# Nginx redirect HTTP to HTTPS - moodle.hakase-labs.com
server {
listen 80;
server_name moodle.hakase-labs.com;
# enforce https
return 301 https://$server_name$request_uri;
}
# HTTPS Configuration
server {
server_name moodle.hakase-labs.com;
listen *:443 ssl http2;
listen [::]:443 ssl http2;
# SSL Configuration
ssl on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_session_tickets off;
#ssl_stapling on;
#ssl_stapling_verify on;
resolver_timeout 5s;
ssl_certificate /etc/nginx/ssl/moodle.crt;
ssl_certificate_key /etc/nginx/ssl/moodle.key;
# Root Moodle Data DIrectory
root /var/www/moodle;
rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
location ^~ / {
try_files $uri $uri/ /index.php?q=$request_uri;
index index.php index.html index.htm;
location ~ \.php$ {
include fastcgi.conf;
fastcgi_pass php-handler;
}
}
}
Save the configuration file and exit vim.
Test the Nginx configuration and make sure there is no error, then restart Nginx.
nginx -t
systemctl restart nginx
SSL Certificates and new virtual host configuration for moodle is completed.
Step 6 - Configure SELinux and Firewalld
In this step, we will configure SELinux and Firewalld. If your SELinux is off and you don't want to use it, then you can skip this step and start to configure Firewalld. Check your SELinux status and make sure firewalld installed.
Check SELinux status with the command below.
sestatus
SELinux is enabled with 'Enforcing' mode.
To configure SELinux, we need the SELinux management tools installed on the system.
Install 'policycoreutils-python' with yum.
yum -y install policycoreutils-python
Now change the SELinux context files and directory settings for the moodle web root directory and the moodle data directory with the semanage command below.
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/moodle(/.*)?'
restorecon -Rv '/var/www/moodle/'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/moodledata(/.*)?'
restorecon -Rv '/var/moodledata/'
SELinux configuration for moodle has been completed, now we must configure Firewalld.
Install firewalld packages if you do not have that.
yum -y install firewalld
Start firewalld and add firewalld automatically to start at boot time.
systemctl start firewalld
systemctl enable firewalld
Next, open the ports for HTTP, HTTPS and SSH with the firewall-cmd command below.
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=ssh
Reload firewalld and check HTTP and HTTPS is on the services list.
firewall-cmd --reload
firewall-cmd --list-all
Firewalld configuration completed.
Step 7 - Install Moodle
Preparation for the Moodle installation has been completed. Now we can install Moodle by visiting the domain name of the Moodle virtual host. In this tutorial, the domain name I used is 'moodle.hakase-labs.com'.
Open your web browser and type the URL 'moodle.hakase-labs.com' in the address bar.
You will see the Moodle installation page, choose your language, in my case 'English', and click 'Next'.
Now enter the configuration data for moodle: web address 'moodle.hakase-labs.com', moodle web root directory '/var/www/moodle', moodledata directory '/var/moodledata' and click 'Next' to continue.
For the database driver, choose 'MySQL' as below and click 'Next'.
Configuration for the moodle database.
- Database host: localhost
- Database name: moodledb
- Database user: moodleuser
- Database password: hakaselabs123
- Table prefix: moodle_
- Database port: 3306
- Unix socket: /var/lib/mysql/mysql.sock
Then click 'Next'.
For the copyright notice, click on the 'Continue' button.
Moodle will check system and all php extension requirements, make sure all results are 'OK', then click 'Continue' to install.
Moodle installation begins. Make sure all results are 'Success', then click on 'Continue' to configure Moodle.
User admin configuration. Type in your info like name email password etc and click on 'Update profile'.
Moodle Front Page Configuration, type in the moodle info and click 'Save Changes'.
And you will be redirected to the Moodle user admin dashboard.
Moodle installation has been completed without error.
Step 8 - Testing
Visit the Moodle front page - moodle.hakase-labs.com.
Moodle Login page - moodle.hakase-labs.com/login/.
Moodle user dashboard.
Moodle site administration for configuring the Moodle system.
Moodle user preferences.
The Moodle installation with Nginx web server, php-fpm, and MariaDB on CentOS 7 system has been successful.