Installing and configuring moodle

[Robert Ševčík (Robajz)]

Dear friends,

I've had the opportunity to install and try Moodle as delivered by Camara - a version I got from Ali / Mikiyas. I'd like to look into the possibility to turn this into a deb package. I have found some old discussion between Rory and Paul - see below. Really, I can see it as a package in colours. I have not created a package myself yet, but have some good understanding of the system. I'm really motivated to give it a go so I'd like to recover as much info as possible and what has been done in this matter.

The reason being the age old distribution of Apache, MySQL, Moodle. It would be best if these could be maintained from the standard repositories. Running old LAMPP distribution invites problems for the unfixed security holes.

Even if we do not turn our moodle distribution into a package itself, the LAMPP distribution could be abandoned in favour of the repository packages or is there any constrain on this? To setup a website in nowadays Ubuntu, all we need to do is place a config file in /etc/apache2/sites-available/, run a2ensite, reload apache2 service. The document root can be copied, then permissions set for the standard www-data user. 

There is a legacy of the www root having to be set in the config file for Moodle. Perhaps this is fixed in the new Moodle? If not, I'd like to take the name-to-address path suggested in the Moodle forum - see below.

Please kick-start me :) 

Also involve parties you find suitable...

An old Camara thread discussing Moodle installation script (Rory, Paul)

http://groups.google.com/group/camaradublin/browse_thread/thread/49d7fefb6d0cdfd9/6258a64f4c9ec754?lnk=gst&q=moodle#

 

A Moodle forum thread advising against "intelligent" scripting in config file and suggesting name resolution to do the job of double www root configuration

http://moodle.org/mod/forum/discuss.php?d=162003#p726661

Kind regards, Robert.

[Paul O'Rourke]

Hi Robert,

Normally an email like yours would be preceded by an introduction from someone with an @camara.ie email (less likely to get dumped in the spam folder).

I don't think I know who you are, or where you are - I'm not great at putting names to faces.  But I suspect you're in Ethiopia.

I don't know what version of Moodle you're looking at, but there's a good chance it's quite old.  The most recent one available was sent to Africa last Summer 2011, and contained about 4GB of content.

The original reason for using the xampp distribution of the lamp stack is that it's completely self-contained and relatively portable.  I'm guessing that you haven't had a chance to look at my install script.

The idea was that the material could be put on to a USB stick and installed to a PC running Ubuntu WITHOUT any Internet access.  In fact the xampp distribution we have can be installed on Ubuntu 8.04, 9.04 and 10.04 without any problems.  I've even put it on to Fedora and Ubuntu 6.10.

At the time (in 2009/2010), we had about three versions of Ubuntu 9.04 in circulation - each with different debs installed.  So when I tried using the official Lamp stack it was extremely difficult to meet all the dependencies.  At one point I had to download about 400MB of deb files.  Then there was the question of how we automated putting in the Moodle database (you couldn't just copy across a couple of files).  The installation instructions started getting very complicated.

With regards to security, the installation as supplied is fairly open but if you want you can secure it (there's documentation on the xampp website).  Of course, the most important security feature we have is that none of the target schools are going to put it on the Internet are they.  If a school wants to put their Moodle on to the Internet, I would always recommend that they obtain a web hosting package.

To be honest, from a technical point of view, I think that the installer package we have at the moment works quite well.  

The big problem we have is that we don't really have a lot of GOOD, RELEVANT CONTENT!

I've copied in Hester in Dublin who may have some advice for you.

Kind Regards,

Paul

Sent from my iPad

--
http://groups.google.ie/group/camaradublin?hl=en

[Robert Ševčík]

Dear friends, 

Thank you for your reactions. I took a while to answer partly for the business of these days, partly to think about it properly.

@Kamal 

what about upgrading the Bitnami package itself? Have you considered this option?

 

Frankly, this crossed my mind quickly but did not stay long. I'll check it out. Thank you. I bet you mean this one - http://bitnami.org/stack/moodle#nativeInstaller sounds cool. Downloading...

@Hester

Understood. Thank you.

@Paul

Normally an email like yours would be preceded by an introduction from someone with an @camara.ie email...

I'm sorry for not introducing myself. I used to attend to Dublin workshop in 2008 a bit. Now I'm getting involved with Camara in Addis after meeting Ali and getting excited about the opportunities.

The original reason for using the xampp distribution of the lamp stack is that it's completely self-contained and relatively portable.  I'm guessing that you haven't had a chance to look at my install script.

I haven't gone deep yet, just getting in touch to see what's the situation...

The idea was that the material could be put on to a USB stick and installed to a PC running Ubuntu WITHOUT any Internet access.  In fact the xampp distribution we have can be installed on Ubuntu 8.04, 9.04 and 10.04 without any problems.  I've even put it on to Fedora and Ubuntu 6.10.

I'm getting to understand the issues of off-line schools and outdated installations rapidly. Though I appreciate that this is the situation, I think we can work around the first - lack of internet - with offline repositories. We need to work out off-line upgrades in any case. The later - outdated installations - I must express my thought on this: running outdated SW in schools can only harm Camara brand. There is a debate about the speed on old machines, but I'm sure we can work this one out. Moodle server should not be a low spec machine anyway. I'm very excited about the news of 10.04 coming out of the kitchen btw.

At the time (in 2009/2010), we had about three versions of Ubuntu 9.04 in circulation - each with different debs installed.  So when I tried using the official Lamp stack it was extremely difficult to meet all the dependencies.  At one point I had to download about 400MB of deb files.  Then there was the question of how we automated putting in the Moodle database (you couldn't just copy across a couple of files).  The installation instructions started getting very complicated.

As expressed before, I don't consider 9.04 a viable target for the proposed changes. For this reason, we can easily focus on bringing the software in-line with the next camarabuntu release. The question mark hags above the migration process - the effort to preserve any content the school may have generated in the mean time.

Regarding database set-up - as far as I'm aware - we can run a post-setup script from inside a deb package. That's how the vanilla moodle is installed I think. My attempt would be to customize ubuntu vanilla moodle deb package and squeeze in it our content. This would be maintained as a patch against ubuntu moodle version. This deb package would be available on-line from a ubuntu-launchpad repository and also from offline repositories.

With regards to security, the installation as supplied is fairly open but if you want you can secure it (there's documentation on the xampp website).  Of course, the most important security feature we have is that none of the target schools are going to put it on the Internet are they.  If a school wants to put their Moodle on to the Internet, I would always recommend that they obtain a web hosting package.

Securing something that is open is a tough job and we are by far no experts on that. I believe that using something secure-by-default and tested-by-experts will be more fruitful. The web does not have to be exposed to the internet to receive attacks. I'm sure the students will try something eventually. Still, why not encourage the school to experiment and get on-line to gain further experience? It's their choice after all.

To be honest, from a technical point of view, I think that the installer package we have at the moment works quite well.  

:D yes, some say "don't fix it if it's not broken". The thing is what broken means. I see this as a flaw, a bad example and a potential threat to our reputation. By all means, it is already excellent and the job done is massive. Let me emphasize this once again: I'm impressed with what we've got, but for sure, we can do even better, can't we?

The big problem we have is that we don't really have a lot of GOOD, RELEVANT CONTENT!

True, and a structure... We need a content person :) I'm just a techie unfortunately...

Kind regards,

Rob

On Wed, Feb 1, 2012 at 11:23, Hester Jackman <hes...@camara.ie> wrote:

Hi Robert,

Sounds like you're doing great work in supporting the hub in Ethiopia. Paul O'Rourke is certainly the man to listen to when it comes to all things Moodle, for the last 3 years we have sent out teams of volunteers from Ireland in the summer and one of the courses they taught was using Moodle. Paul did all the work to get Moodle out there and set up. I'm not even to begin to say I understand what this involves, as I am not at all technical.

As for the content, Paul is right again, it is a hodge podge of materials created over the last few Africa Training programmes, plus some other stuff thrown in there for good measure. This is something that I hope the the new Training Officer will be able to look at, when they are appointed (recruitment currently going on). This year we are not running an Africa training programme from Ireland, so unfortunately  there won't be any work on the training content from this side.

Good luck with the installation!

Kind regards
Hester

--
http://groups.google.ie/group/camaradublin?hl=en

--
Hester Jackman Volunteer Coordinator
_____________________________________________
T: +353 1 6522668  
E: hes...@camara.ie  Skype: hester_camara
_____________________________________________
Camara Education, Chapelizod Industrial Estate, Dublin 20, Ireland
T:+353 1 65 22 665  W: www.camara.ie
 
https://www.facebook.com/CamaraEducate
http://twitter.com/#!/camaraeducation
---------------------------------------------------------------
DISCLAIMER: The information contained in this email and in any attachments is confidential and is designated solely for the attention and use of the intended Recipient(s). If you are not the intended recipient(s) of this email you must not use, disclose, copy, distribute or retain this message, the attachment(s) or any part thereof. If you believe that you have received this email in error please notify us immediately at the contact details set out below. Please also delete all copies of this email and any attachment(s) from your computer system. Unless expressly stated this email is not intended to create any contractual relationship. If this email is not sent in the course of the senders employment or fulfilment of his/her duties to Camara, Camara accepts no liability whatsoever for the content of this message or any attachment(s). Please refer any queries to in...@camara.ie; Camara. Registered office: 40a Sandymount Avenue, Dublin 4 Number: 410223 Ireland.

[Robert Ševčík]

Thank you Kamal!

Not sure how this accident came in, but the Bitnami thing sounds interesting - http://bitnami.org/article/bitnami-modules-as-an-user-i-want-integration - at least their package is used in production environments.

I'm sorry for pushing this security stuff so hard, but if I should take a competitive analysis of our product :) it will not hold water. I understand the benefit of a standalone installation, but from a marketing perspective, as it is, it's a timed bomb. We need Ubuntu&Co more reliable, more useful, more pretty, more fast, more accessible and more secure than Windows - not just theoretically :D. We're hitting on the broader problem of SW upgrade which needs special attention on it's own. We need those security updates from ubuntu (someone else fixing our problems). This is just a beginning, there's file serving, mail serving, proxying, ssh... we can't do this without security updates.

Seriously, moodle is just a bunch of PHP code and some dependencies. I'm not talking any linux distribution. I'm talking a tailor made camarabuntu distribution or even a VM image specific to moodle. That's not impossible to do. Where does the need for moodle on any (beyond End Of Life - dead) OS come from? If I walk into the school with a live flash ubuntu with moodle on it, in less than an hour I leave a functional and secure server behind. A server should be a server. It's normal and expected to be different from a desktop. I see no problem running a brand new release of ubuntu on the server and 10.04 on desktops for instance. 

I agree that "premature optimization is the root of all evil" as a developer. Though, putting salesman boots on, we have a successful product already and as it's getting more exposure, I think it's time to pay some attention to detail. I too love hackers, but here it's Camara brand at risk. Imagine they run their XYZ IS on the same machine... Are we waiting for the hammer to fall? Thin ice with the government and M$ pushing... It takes just one school with a system compromised due to lousy Camara setup to ruin the whole art.

You mention backup, likely more important than all security, that's one thing we're not telling them how to do I think... note taken :)

Cheers, Rob

On Thu, Feb 9, 2012 at 21:22, Kamal <kal...@gmail.com> wrote:

I forgot to say, it seems that Apache Friends also provide upgrades
(at times): http://www.apachefriends.org/en/faq-xampp-linux.html#upgrade

Another idea could be to make a deb package out of the xampp package
to automate the database upgrade and stuff like that, to get the
advantages of both systems ; ) Although I'm not sure if that makes
sense : )

On Thu, Feb 9, 2012 at 7:13 PM, Kamal wrote:
> Hi Robert,
> sorry for the confusion, I said Bitnami but I actually meant xampp : )
> Personally, I like the idea of the patch on the deb package, from the
> technical point of view.
> But I do see the point that the main problem is the content. If there
> is someone working on this, I would rather see her/him/them working on
> the content, or trying to find people to work on the content.
> The idea of these prepackaged stacks, as Paul said, is that you can
> install them on multiple setups, e.g. they don't have dependencies,
> except maybe a non-ancient kernel or similar.
> This is a very good feature. If you have a nice stack + nice content,
> you can install it (or use it for an upgrade) in many schools with
> different distributions and/or releases, 9.04, 10.x, 11.x etc.,
> without worrying too much about upgrading the OS, which in my
> experience (Uganda 2009), can take ages and sometimes not work at all
> (even with the offline repositories).
> As far as I know most distributions have been built with the
> assumption that the machines are always or nearly always online so
> they would automatically and incrementally update themselves.
> Unfortunately for the moment this is not our case : (
> Also, it might be useful to keep the machines in a lab all at the same
> release. If you upgrade the Moodle machine do you then have to upgrade
> all the others? It might be impractical.
> As for the security setup, although not 100% relevant, I would quote
> "premature optimization is the root of all evil" : )
> Honestly, if a school is connected AND exposes a server to the
> internet AND has someone connecting to it from an external IP, I think
> they would be already at such an advanced stage that we could get
> someone from here to help them remotely to secure that install ; )
> If they create their own content, I would rather push them to back up
> their stuff often and give them an easy way to do it.
> I would welcome a kid trying to get unauthorized access to the server,
> we would have one more future hacker to foster :D
> Just my two bits.
>
> Good luck
>
> --
> Kamal

> --
> Kamal

--
Kamal