Install Moodle on NS7

yep it is

I assume that I discovered moodle, 1 hour ago, so probably I can say something wrong. the settings n the database can be altered like this

1 Like

When configuring Samba4 AD auth, I received the message that php-ldap wasn’t installed with moodle package from epel. So that one needs to be added too.
Also when you just install from epel, you have to change permissions for the (virtual) host. Default settings gives a 403.
And as @syntaxerrormmm said: all changes that are set during configuration of moodle webbased steps are set in the moodle database in the mdl_config table.

2 Likes

Citing from another site:
To get MySQL support in PHP, we can install the php5-mysql package. But as we use MariaDB here, it is better to use the newer php5-mysqlnd package as the old drivers from php5-mysql will cause warning messages in the logs

This is for debian, but please be aware that it could be true for centos too

1 Like

did a play, not so easy ;(

yep need to be allowed to your local network or to the www

thanks, added

My concern is that php-mysql is called by some web application like wordpress for example but php-mysql and php-mysqlnd are conflicting each other

Resolving Dependencies
--> Running transaction check
---> Package php-mysqlnd.x86_64 0:5.4.16-36.3.el7_2 will be installed
--> Processing Conflict: php-mysql-5.4.16-36.3.el7_2.x86_64 conflicts php-mysqlnd
--> Finished Dependency Resolution
Error: php-mysql conflicts with php-mysqlnd-5.4.16-36.3.el7_2.x86_64

software collection are more intelligent, you have only php5{4,5,6}-php-mysqlnd.x86_64

17 posts were split to a new topic: Working on nethserver-moodle module

Moved all devs comments on a new topic
Let’s keep this thread open only for improving the howto

@robb @syntaxerrormmm I would know if this setting is a mandatory, because it end by an error when I try to log with a Linux client and it fails back by the normal login. Therefore it is not nice to see it.

can we find a name convention here, ‘staff’ is enough good for me, but we could have another way.

In fact I’m really close to find how to authenticate directly in moodle, my concern is that during the web installation moodle is waiting a blank database, so all mysql Injection could be done only after the end of this process. I think that we could launch manually a script for inserting mysql data

=> thoughts please

I do not think Kerberos is mandatory. I would just like that (maybe optionally), you may use the users you created within LDAP as users also of the Moodle platform. Are you using the SAMBA DC container, right?[quote=“stephdl, post:18, topic:5029”]
can we find a name convention here, ‘staff’ is enough good for me, but we could have another way.
[/quote]

Yeah, I do not like it so much, but we may settle for it if we cannot find any valid alternatives. I would suggest Course Creators.[quote=“stephdl, post:18, topic:5029”]
so all mysql Injection could be done only after the end of this process. I think that we could launch manually a script for inserting mysql data
[/quote]

In my mind, all the setup should be silent and with little choice for the user. Basically, the scripts that are configuring the LDAP modules has to be injected right after the database has been created in the provided way by the RPM specfile, then we should leave a choice to the user (better if with a web module) to use internal users or LDAP/AD ones (a flag or a combo-box would be perfect). Only when the option to take users from LDAP/AD has been taken, we should run (internally inside an event) the last piece of SQL injection that will enable LDAP authentication with the chosen methods (and provide a way to fall back if the user changes his/her mind, also).

Well, at least this is what I will try to get to. A lot of work, I know, but this will make the module perfect for production.

1 Like

for now my first attempts are with SAMBA4AD

Since it is a group name, I prefer on one word, not sure about side effects :slight_smile:

I like KISS, so I agree to make something difficult for me, and easy for the end users.

The way I found right now is

  • create the database
  • inject the creation of all tables
  • inject the authentication settings following the state of $sssd (ldap or Samba4 or internal account(means do nothing))

then only the admin account and the field of the website name must be created by the sysadmin.

1 Like

Fine, completely understoodable :slight_smile: [quote=“stephdl, post:20, topic:5029”]
I prefer on one word, not sure about side effects :slight_smile:
[/quote]

Well, it should be a LDAP Common Name anyways, so spaces should be allowed. But I understand. How about replacing the space with an underscore, then?

Completely agree on the roadmap. Also injecting or not the configurations based on SSSD status would be a big plus, but it should be reversable anyways (maybe I don’t want to use LDAP users in a site in which I enabled LDAP).

How about creating a random one as it is done with LDAP or MySQL?

yes, doable but we need to let something to do at the enduser, it is also a matter to let a lot of contacts of the admin (name, email, phone etc)

Then the admin can disable the plugin manually in the configuration file, I don’t want to play too much on a database after the creation/installation.

In another hand it makes me think that the user can install moodle and see he miss about ldap or AD, so I might find a way to do an injection manually if needed.

Mmh, this makes me think on the approach we are taking.

Do we prefer a complete administration of LDAP/AD integration from NS WebGUI (I second this one, really) or we want to leave the user in charge of everything on the inside of Moodle?

I would not do half of the first approach and half of the second if I can, because it is confusing to the final user. Maybe I would also devise something to deny the user to tamper with the settings done via injection, if we decide to take the first route.

So, if the nethserver-moodle package has to setup authentication based on SSSD, I would expect to disable it from the NS WebGUI and not mess with the options inside Moodle anymore.

For optional strings within Moodle (like the Names of the admin user), I don’t see a problem here: if a system administrator wants to customize it, fine for me. Please take into account that LDAP backend doesn’t have all the fields required to compile the information, although AD does.

Same for AD, some fields are missing @davidep @giacomo what about to set more fields in ldap/ad

  • surname
  • firstname
  • service
  • telephone

I don’t understand, you cannot (easily) manage moodle from a panel in nethgui, mainly because the settings are not file based, but database based

That’s the main point. I would take one of this two options:

  • Devise an event nethserver-moodle-update to check and change SQL accordingly to user inputs (enable/disable integration in the WebGUI or following the status of the system when installing), thus satisfying the needs for manageability from the NS WebGUI;
  • Leave completely the integration of AD/LDAP to the sysadmin.

I do think also the first one is feasible, but I don’t want to leave all the fun to you :stuck_out_tongue:
Unfortunately I have a queue of stuff to do (for BgLUG, for TDF, for some schools, for this community) that I really don’t know when I’m able to check for it. Do you happen to know someone that sells some ubiquity, an additional pair of hands or additional 24 hours a day? :stuck_out_tongue:

1 Like

No clues to buy days of 30 hours, I could sleep a bit :’(

1 Like

The Server Manager Users&Groups page sets only a minimal set of attributes. Additional attributes could be managed by other clients, like “phpLDAPadmin”, “AD RSAT tools”, or - why not - moodle itself.

good idea, need to test it, but in the idea to get a real address book usable in a webmail, it could be nice to get if from start

lets drop, the phone field for what I tested is mysql based, so nothing is stored in ldap/ad.

I was talking about Moodle with @robb and others recently so I just installed Moodle 3.4 which needs PHP 7 which I took from nethserver-php-scl by @stephdl :

  • tried postgres 9.6 from SCL without success, now mariadb with mariadb connector is used
  • PHP 7.1
  • custom template /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/90moodle for PHP7.1 settings
  • /etc/my.cnf.d/moodle.cnf for mysql config

This is just for the installation of the new version, for extra settings like AD check the first post of @robb and following…just copy/paste the following to a terminal:

yum -y install http://mirror.de-labrusse.fr/NethServer/7/x86_64/nethserver-stephdl-1.0.6-1.ns7.sdl.noarch.rpm
yum -y install http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum -y install nethserver-mysql nethserver-php-scl php71-php-opcache php71-php-xmlrpc php71-php-intl
wget https://download.moodle.org/download.php/direct/stable34/moodle-latest-34.tgz
tar -xzf moodle-latest-34.tgz
mv moodle /var/www/html/
mkdir /var/www/moodledata
chown -R apache:apache /var/www/moodledata /var/www/html/moodle
mysql
create database moodle character set utf8mb4 collate utf8mb4_bin;
grant all privileges on moodle.* to moodle@localhost identified by 'SECRET';
exit;
mkdir -p /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/
cat << EOF > /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/90moodle
[opcache]
opcache.enable = 1
opcache.memory_consumption = 128
opcache.max_accelerated_files = 8000
opcache.revalidate_freq = 60
; Required for Moodle
opcache.use_cwd = 1
opcache.validate_timestamps = 1
opcache.save_comments = 1
opcache.enable_file_override = 0
[intl]
intl.default_locale = en_utf8
EOF
cat << EOF > /etc/my.cnf.d/moodle.cnf
[client]
default-character-set = utf8mb4
[mysqld]
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
skip-character-set-client-handshake
[mysql]
default-character-set = utf8mb4
EOF
signal-event nethserver-php-scl-update
systemctl restart httpd
systemctl restart mysqld
  • Set php version to 7.1 in php settings in web UI
  • Browse to https://NETHSERVER/moodle
  • DB Type is MariaDB
  • db user moodle, password SECRET
2 Likes