Install Moodle on NS7

My concern is that php-mysql is called by some web application like wordpress for example but php-mysql and php-mysqlnd are conflicting each other

Resolving Dependencies
--> Running transaction check
---> Package php-mysqlnd.x86_64 0:5.4.16-36.3.el7_2 will be installed
--> Processing Conflict: php-mysql-5.4.16-36.3.el7_2.x86_64 conflicts php-mysqlnd
--> Finished Dependency Resolution
Error: php-mysql conflicts with php-mysqlnd-5.4.16-36.3.el7_2.x86_64

software collection are more intelligent, you have only php5{4,5,6}-php-mysqlnd.x86_64

17 posts were split to a new topic: Working on nethserver-moodle module

Moved all devs comments on a new topic
Let’s keep this thread open only for improving the howto

@robb @syntaxerrormmm I would know if this setting is a mandatory, because it end by an error when I try to log with a Linux client and it fails back by the normal login. Therefore it is not nice to see it.

can we find a name convention here, ‘staff’ is enough good for me, but we could have another way.

In fact I’m really close to find how to authenticate directly in moodle, my concern is that during the web installation moodle is waiting a blank database, so all mysql Injection could be done only after the end of this process. I think that we could launch manually a script for inserting mysql data

=> thoughts please

I do not think Kerberos is mandatory. I would just like that (maybe optionally), you may use the users you created within LDAP as users also of the Moodle platform. Are you using the SAMBA DC container, right?[quote=“stephdl, post:18, topic:5029”]
can we find a name convention here, ‘staff’ is enough good for me, but we could have another way.
[/quote]

Yeah, I do not like it so much, but we may settle for it if we cannot find any valid alternatives. I would suggest Course Creators.[quote=“stephdl, post:18, topic:5029”]
so all mysql Injection could be done only after the end of this process. I think that we could launch manually a script for inserting mysql data
[/quote]

In my mind, all the setup should be silent and with little choice for the user. Basically, the scripts that are configuring the LDAP modules has to be injected right after the database has been created in the provided way by the RPM specfile, then we should leave a choice to the user (better if with a web module) to use internal users or LDAP/AD ones (a flag or a combo-box would be perfect). Only when the option to take users from LDAP/AD has been taken, we should run (internally inside an event) the last piece of SQL injection that will enable LDAP authentication with the chosen methods (and provide a way to fall back if the user changes his/her mind, also).

Well, at least this is what I will try to get to. A lot of work, I know, but this will make the module perfect for production.

1 Like

for now my first attempts are with SAMBA4AD

Since it is a group name, I prefer on one word, not sure about side effects :slight_smile:

I like KISS, so I agree to make something difficult for me, and easy for the end users.

The way I found right now is

  • create the database
  • inject the creation of all tables
  • inject the authentication settings following the state of $sssd (ldap or Samba4 or internal account(means do nothing))

then only the admin account and the field of the website name must be created by the sysadmin.

1 Like

Fine, completely understoodable :slight_smile: [quote=“stephdl, post:20, topic:5029”]
I prefer on one word, not sure about side effects :slight_smile:
[/quote]

Well, it should be a LDAP Common Name anyways, so spaces should be allowed. But I understand. How about replacing the space with an underscore, then?

Completely agree on the roadmap. Also injecting or not the configurations based on SSSD status would be a big plus, but it should be reversable anyways (maybe I don’t want to use LDAP users in a site in which I enabled LDAP).

How about creating a random one as it is done with LDAP or MySQL?

yes, doable but we need to let something to do at the enduser, it is also a matter to let a lot of contacts of the admin (name, email, phone etc)

Then the admin can disable the plugin manually in the configuration file, I don’t want to play too much on a database after the creation/installation.

In another hand it makes me think that the user can install moodle and see he miss about ldap or AD, so I might find a way to do an injection manually if needed.

Mmh, this makes me think on the approach we are taking.

Do we prefer a complete administration of LDAP/AD integration from NS WebGUI (I second this one, really) or we want to leave the user in charge of everything on the inside of Moodle?

I would not do half of the first approach and half of the second if I can, because it is confusing to the final user. Maybe I would also devise something to deny the user to tamper with the settings done via injection, if we decide to take the first route.

So, if the nethserver-moodle package has to setup authentication based on SSSD, I would expect to disable it from the NS WebGUI and not mess with the options inside Moodle anymore.

For optional strings within Moodle (like the Names of the admin user), I don’t see a problem here: if a system administrator wants to customize it, fine for me. Please take into account that LDAP backend doesn’t have all the fields required to compile the information, although AD does.

Same for AD, some fields are missing @davidep @giacomo what about to set more fields in ldap/ad

  • surname
  • firstname
  • service
  • telephone

I don’t understand, you cannot (easily) manage moodle from a panel in nethgui, mainly because the settings are not file based, but database based

That’s the main point. I would take one of this two options:

  • Devise an event nethserver-moodle-update to check and change SQL accordingly to user inputs (enable/disable integration in the WebGUI or following the status of the system when installing), thus satisfying the needs for manageability from the NS WebGUI;
  • Leave completely the integration of AD/LDAP to the sysadmin.

I do think also the first one is feasible, but I don’t want to leave all the fun to you :stuck_out_tongue:
Unfortunately I have a queue of stuff to do (for BgLUG, for TDF, for some schools, for this community) that I really don’t know when I’m able to check for it. Do you happen to know someone that sells some ubiquity, an additional pair of hands or additional 24 hours a day? :stuck_out_tongue:

1 Like

No clues to buy days of 30 hours, I could sleep a bit :’(

1 Like

The Server Manager Users&Groups page sets only a minimal set of attributes. Additional attributes could be managed by other clients, like “phpLDAPadmin”, “AD RSAT tools”, or - why not - moodle itself.

good idea, need to test it, but in the idea to get a real address book usable in a webmail, it could be nice to get if from start

lets drop, the phone field for what I tested is mysql based, so nothing is stored in ldap/ad.

I was talking about Moodle with @robb and others recently so I just installed Moodle 3.4 which needs PHP 7 which I took from nethserver-php-scl by @stephdl :

  • tried postgres 9.6 from SCL without success, now mariadb with mariadb connector is used
  • PHP 7.1
  • custom template /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/90moodle for PHP7.1 settings
  • /etc/my.cnf.d/moodle.cnf for mysql config

This is just for the installation of the new version, for extra settings like AD check the first post of @robb and following…just copy/paste the following to a terminal:

yum -y install http://mirror.de-labrusse.fr/NethServer/7/x86_64/nethserver-stephdl-1.0.6-1.ns7.sdl.noarch.rpm
yum -y install http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum -y install nethserver-mysql nethserver-php-scl php71-php-opcache php71-php-xmlrpc php71-php-intl
wget https://download.moodle.org/download.php/direct/stable34/moodle-latest-34.tgz
tar -xzf moodle-latest-34.tgz
mv moodle /var/www/html/
mkdir /var/www/moodledata
chown -R apache:apache /var/www/moodledata /var/www/html/moodle
mysql
create database moodle character set utf8mb4 collate utf8mb4_bin;
grant all privileges on moodle.* to moodle@localhost identified by 'SECRET';
exit;
mkdir -p /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/
cat << EOF > /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/90moodle
[opcache]
opcache.enable = 1
opcache.memory_consumption = 128
opcache.max_accelerated_files = 8000
opcache.revalidate_freq = 60
; Required for Moodle
opcache.use_cwd = 1
opcache.validate_timestamps = 1
opcache.save_comments = 1
opcache.enable_file_override = 0
[intl]
intl.default_locale = en_utf8
EOF
cat << EOF > /etc/my.cnf.d/moodle.cnf
[client]
default-character-set = utf8mb4
[mysqld]
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
skip-character-set-client-handshake
[mysql]
default-character-set = utf8mb4
EOF
signal-event nethserver-php-scl-update
systemctl restart httpd
systemctl restart mysqld
  • Set php version to 7.1 in php settings in web UI
  • Browse to https://NETHSERVER/moodle
  • DB Type is MariaDB
  • db user moodle, password SECRET
2 Likes

Thanks a lot @mrmarkuz!
I also tried to install Moodle3.4, but did another approach: instead of installing in /var/www/html, I created a vhost and installed in /var/lib/nethserver/vhost/
Pro for this approach is tou can choose php7.x from netgui. I ran into problems that look liked a CSS problem. Con was that even though I changed permissions of the vhost to apache, the configuration script of Moodle during web install part went sour…

If php-scl can be used when installing in /var/www/html by using a custom template (wish I could create them… would love to get some insight info on that) It will be a lot easier to install.

In the previous version of Moodle (3.1, created by @areguera) there is a nice way of creating a custom url. Can this code be re-used for Moodle 3.4?

I noticed that Moodle writes a wwwroot property to its config file. When you connect via http at install it writes http to config and if you connect via https afterwards you have the CSS problem.

Here is the creation of the custom template for PHP7.1. I copied the content from the Moodle homepage.
It’s described here.

mkdir -p /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/
cat << EOF > /etc/e-smith/templates-custom/etc/opt/remi/php71/php.ini/90moodle
[opcache]
opcache.enable = 1
opcache.memory_consumption = 128
opcache.max_accelerated_files = 8000
opcache.revalidate_freq = 60
; Required for Moodle
opcache.use_cwd = 1
opcache.validate_timestamps = 1
opcache.save_comments = 1
opcache.enable_file_override = 0
[intl]
intl.default_locale = en_utf8
EOF

I assume yes but I’ll have a look at it…

Just had your Howto a go and I can confirm it installs perfectly on a clean and updated NS7.4 server.

just 1 remark: if you want to do it 100% syntax correct, you need to add a

flush privileges;

between grant command and exit command in the create database section of the howto.

/edit: just tried to install Moodle on my VPS. Install process seems to go fine, but when I try to reach the webinterface I get a :

Not Found
The requested URL /moodle was not found on this server.

On both name and ip adress of the VPS
Wonder where I messed up… :confused:

2 Likes

I am not a dbadmin and didn’t know that before I read the article but the GRANT command invokes a FLUSH. I know it’s used in plenty of tutorials but it seems to be obsolete.

Please check if the directory /var/www/html/moodle exists.

You simply could run the whole procedure again, existing db is kept.

1 Like