Merge pull request #2841 from holta/moodle-no-apache

WIP: Moodle on NGINX not Apache
2025-02-13 11:42:08 +00:00 · 2021-07-05 23:39:36 -04:00 · 2021-07-05 23:39:36 -04:00 · 4699c717d0
commit 4699c717d0
parent 0d54b497aa 274a4b7abf
10 changed files with 154 additions and 130 deletions
--- a/roles/moodle/defaults/main.yml
+++ b/roles/moodle/defaults/main.yml
@ -1,5 +1,5 @@
-# If using Moodle intensively, consider setting nginx_high_php_limits in:
-# /etc/iiab/local_vars.yml
+# 2021-07-02 WARNING: Stage 4's roles/www_options/tasks/main.yml FORCES
+# (the equivalent of) 'nginx_high_php_limits: True' if 'moodle_install: True'

 # moodle_install: False
 # moodle_enabled: False
@ -8,7 +8,7 @@
 # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!

 moodle_version: 311
-moodle_repo_url: https://github.com/moodle/moodle.git
+moodle_repo_url: https://github.com/moodle/moodle
 #moodle_repo_url: git://git.moodle.org/moodle.git    # 2020-10-16: VERY Slow!
 moodle_base: "{{ iiab_base }}/moodle"    # /opt/iiab
 moodle_data: "{{ content_base }}/moodle"    # /library
--- a/roles/moodle/tasks/apache.yml.unused
+++ b/roles/moodle/tasks/apache.yml.unused
--- a/roles/moodle/tasks/install.yml
+++ b/roles/moodle/tasks/install.yml
@ -1,36 +1,10 @@
 # 2021-05-22: FYI nginx_high_php_limits is effectively now auto-enabled by
 # www_options/tasks/main.yml#L100-L112 (as required by Moodle 3.11 w/ PHP 8) IF
 # 'moodle_install: True'. Happens at the end of 4-server-options/tasks/main.yml
-# See the 6 settings in /etc/php/{{ php_version }}/fpm/php.ini -- which Moodle
-# should take advantage of soon, as it transitions from Apache to Moodle: #2785
+# See the 6 settings in /etc/php/{{ php_version }}/fpm/php.ini

 # 2021-06-28: This ALSO now happens in /etc/php/{{ php_version }}/cli/php.ini
-# (as required by Moodle's CLI installer) AND THIRDLY below (for now, until
-# Moodle's ported to NGINX!) in /etc/php/{{ php_version }}/apache2/php.ini
-
- name: "Set 'apache_install: True' and 'apache_enabled: True'"
-  set_fact:
-    apache_install: True
-    apache_enabled: True
-
- name: APACHE - run 'httpd' role
-  include_role:
-    name: httpd
-
- name: "Enact the equivalent of 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/{{ apache_service }}/php.ini for Moodle 3.11+"
-  lineinfile:
-    path: /etc/php/{{ php_version }}/{{ apache_service }}/php.ini    # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/cli/php.ini
-    regexp: "{{ item.regexp }}"
-    line: "{{ item.line }}"
-  with_items:
-    - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 500M    ; default is 2M' }
-    - { regexp: '^post_max_size', line: 'post_max_size = 500M    ; default is 8M' }
-    - { regexp: '^max_execution_time', line: 'max_execution_time = 300    ; default is 30' }
-    - { regexp: '^max_input_time', line: 'max_input_time = 300    ; default is 60' }
-    - { regexp: '^memory_limit', line: 'memory_limit = 512M    ; default is 128M / Nextcloud requests 512M' }
-    - { regexp: '^max_input_vars', line: 'max_input_vars = 5000    ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
-
-# Apache's restarted prior to moodle_installer below, so no need right here!
+# (as required by Moodle's CLI installer, DESPITE it using fpm/php.ini later!)


 - name: "Set 'postgresql_install: True' and 'postgresql_enabled: True'"
@ -43,10 +17,14 @@
    name: postgresql


+# 2021-07-02: Let's monitor & learn from these 2 pages year-by-year:
 # https://docs.moodle.org/19/en/PHP_settings_by_Moodle_version#PHP_Extensions_and_libraries
- name: Install libsodium23 + 8 PHP packages (run 'php -m' or 'php -i' to verify)
+# https://github.com/moodlebox/moodlebox/blob/master/roles/packages/vars/main.yml
+- name: Install ghostscript + libsodium23 + 8 PHP packages (run 'php -m' or 'php -i' to verify)
  package:
    name:
+      #- php-apcu                        # 2021-07-02: Experiment with fewer dependencies
+      - ghostscript                      # 2021-07-02: OPTIONAL -- but useful for annotation of PDF's / assignments
      - libsodium23                      # 2021-06-28: Likewise installed in nginx/tasks/install.yml via php{{ php_version }}-fpm AND httpd/tasks/install.yml via libapache2-mod-php{{ php_version }} AND wordpress/tasks/install.yml -- it can ALSO be auto-installed by phpX.Y-cgi OR phpX.Y-cli as confirmed by 'apt rdepends libsodium23' -- Recommended by Moodle 3.11+ at https://docs.moodle.org/311/en/Environment_-_PHP_extension_sodium -- whereas https://www.php.net/manual/en/sodium.installation.php says it's always bundled with PHP 7.2+ -- VERIFY USING 'php -i | grep sodium' AND 'apt list "*sodium*"'
      #- php{{ php_version }}-common     # 2021-06-27: Auto-installed as an apt dependency.  REGARDLESS: php{{ php_version }}-common superset php{{ php_version }}-cli is auto-installed by php{{ php_version }}-fpm in nginx/tasks/install.yml
      #- php{{ php_version }}-cli        # 2021-06-27: Compare to php{{ php_version }}-common just above!  2020-06-15: In the past this included (below) mbstring?  However this is not true on Ubuntu Server 20.04 LTS.
@ -55,61 +33,39 @@
      - php{{ php_version }}-intl        # 2020-12-03: Required by Moodle 3.10+ -- Likewise installed in mediawiki/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml
      - php{{ php_version }}-mbstring    # 2020-06-15: Required by Moodle 3.9+ -- Likewise installed in mediawiki/tasks/install.yml, nextcloud/tasks/install.yml, pbx/tasks/freepbx_dependencies.yml, wordpress/tasks/install.yml
      - php{{ php_version }}-pgsql       # 2021-06-27: Required for PostgreSQL
+      #- php{{ php_version }}-json       # 2021-07-02: Not requested by Moodle's PHP doc above.  Package baked into PHP 8+.  FWIW with PHP < 8, phpX.Y-json is already auto-installed by phpX.Y-fpm in 3-base-server's nginx/tasks/install.yml
+      #- php{{ php_version }}-opcache    # 2021-07-02: Experiment with fewer dependencies
+      #- php{{ php_version }}-readline   # 2021-07-02: Experiment with fewer dependencies
      - php{{ php_version }}-soap        # 2020-12-03: Recommended by Moodle 3.10+
      - php{{ php_version }}-xml         # 2021-06-28: Likewise installed in mediawiki/tasks/install.yml, nextcloud/tasks/install.yml, pbx/tasks/freepbx_dependencies.yml, wordpress/tasks/install.yml -- AND REGARDLESS dragged in later by Admin Console's use of php-pear for roles/cmdsrv/tasks/main.yml -- run 'php -m | grep -i xml' which in the end shows {libxml, SimpleXML, xml, xmlreader, xmlwriter}
-      #- php{{ php_version }}-xmlrpc     # 2021-06-27: Required per https://docs.moodle.org/19/en/PHP_settings_by_Moodle_version#PHP_Extensions_and_libraries BUT UNMAINTAINED FOR YEARS (POSSIBLE SECURITY RISK) SO MOVED TO PECL: https://php.watch/versions/8.0/xmlrpc
+      #- php{{ php_version }}-xmlrpc     # 2021-07-02: Doesn't exist with PHP 8.0 -- officially required per https://docs.moodle.org/19/en/PHP_settings_by_Moodle_version#PHP_Extensions_and_libraries BUT UNMAINTAINED FOR YEARS (POSSIBLE SECURITY RISK) SO MOVED TO PECL: https://php.watch/versions/8.0/xmlrpc
      - php{{ php_version }}-zip         # 2021-06-27: Likewise installed in nextcloud/tasks/install.yml, pbx/tasks/freepbx_dependencies.yml, wordpress/tasks/install.yml
    state: present

- name: Does {{ moodle_base }}/config-dist.php exist? (indicating Moodle is/was installed)
-  stat:
-    path: "{{ moodle_base }}/config-dist.php"    # /opt/iiab/moodle
-  register: moodle
-
- name: Clone (i.e. use git to download) {{ moodle_repo_url }} to {{ moodle_base }} (~288 MB)
+- name: Download (clone) {{ moodle_repo_url }} to {{ moodle_base }} (~350MB initially, ~371MB later)
  git:
-    repo: "{{ moodle_repo_url }}"
-    dest: "{{ moodle_base }}"
+    repo: "{{ moodle_repo_url }}"    # https://github.com/moodle/moodle
+    dest: "{{ moodle_base }}"        # /opt/iiab/moodle
    depth: 1
-    force: yes
    version: "MOODLE_{{ moodle_version }}_STABLE"
    #version: master   # TEMPORARY DURING MAY 2018 TESTING, installed 3.5beta+ = https://download.moodle.org/releases/development/
  #ignore_errors: yes
-  when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists

- name: Create dir {{ moodle_base }} owned by {{ apache_user }} (for config file?)
+- name: chown -R {{ apache_user }}:{{ apache_user }} {{ moodle_base }} (by default dirs 755 & files 644)
  file:
-    state: directory
    path: "{{ moodle_base }}"
    owner: "{{ apache_user }}"    # www-data
+    group: "{{ apache_user }}"
    recurse: yes

- name: Create dir {{ content_base }}/dbdata/moodle owned by {{ apache_user }}
-  file:
-    state: directory
-    path: "{{ content_base }}/dbdata/moodle"    # /library
-    owner: "{{ apache_user }}"
-
- name: Create dir {{ moodle_data }} ({{ apache_user }}:{{ apache_user }}, '0770')
+- name: Create dir {{ moodle_data }} ({{ apache_user }}:{{ apache_user }}) (by default 755 = drwxr-xr-x initially, but moodle_installer sets drwxrwsrwx below)
  file:
    state: directory
    path: "{{ moodle_data }}"    # /library/moodle
    owner: "{{ apache_user }}"
    group: "{{ apache_user }}"
-    #mode: '0770'    # Regardless, permissions end up as: drwxrwsrwx

- name: Remove stock /etc/{{ apache_conf_dir }}/moodle.conf
-  file:
-    path: "/etc/{{ apache_conf_dir }}/moodle.conf"    # apache2/sites-available
-    state: absent

-# 2021-02-01: Not nec if we can hopefully migrate from Apache to NGINX soon!
- name: Install /etc/{{ apache_conf_dir }}/022-moodle.conf from template
-  template:
-    src: 022-moodle.j2
-    dest: "/etc/{{ apache_conf_dir }}/022-moodle.conf"
-
-# roles/postgresql/templates/postgresql-iiab.service WAS INSTALLED HERE:
 # /etc/systemd/system/postgresql-iiab.service
 - name: Start 'postgresql-iiab' systemd service, to configure Moodle's DB
  systemd:
@ -136,38 +92,53 @@
  become: yes
  become_user: postgres

- name: Install {{ moodle_base }}/moodle_installer from template ('0755')
-  template:
-    src: moodle_installer
-    dest: "{{ moodle_base }}"
-    mode: '0755'
-
 - name: (Re)Start 'postgresql-iiab' systemd service
  systemd:
    name: postgresql-iiab
    state: restarted
    #enabled: yes    # Service ends up enabled regardless

- name: (Re)Start '{{ apache_service }}' systemd service
-  systemd:
-    name: "{{ apache_service }}"
-    state: restarted

- name: Does {{ moodle_base }}/config.php exist?
-  stat:
-    path: "{{ moodle_base }}/config.php"
-  register: config
+- name: Install {{ moodle_base }}/moodle_installer from template (0755)
+  template:
+    src: moodle_installer
+    dest: "{{ moodle_base }}"
+    mode: 0755

- name: Execute {{ moodle_base }}/moodle_installer -- REQUIRES 'max_input_vars = 5000' (or higher) in /etc/php/{{ php_version }}/cli/php.ini with PHP 8+ (as set up by www_options/tasks/main.yml) -- WHEREAS Moodle uses /etc/php/{{ php_version }}/{{ apache_service }}/php.ini or /etc/php/{{ php_version }}/fpm/php.ini during regular operation
+- name: Execute {{ moodle_base }}/moodle_installer IF {{ moodle_base }}/config.php doesn't yet exist -- REQUIRES 'max_input_vars = 5000' (or higher) in /etc/php/{{ php_version }}/cli/php.ini with PHP 8+ (as set up by www_options/tasks/main.yml) -- WHEREAS LATER Moodle uses /etc/php/{{ php_version }}/fpm/php.ini during regular operation
  shell: "{{ moodle_base }}/moodle_installer"
-  when: config.stat.exists is defined and not config.stat.exists
+  args:
+    creates: "{{ moodle_base }}/config.php"

-# 2021-02-01: Let's stick with Moodle's default (640)
-#- name: Make {{ moodle_base }}/config.php readable, with permission '0644'
-#  #command: chown -R {{ apache_user }} {{ moodle_base }}
-#  file:
-#    path: "{{ moodle_base }}/config.php"    # /opt/iiab/moodle
-#    mode: '0644'
+# 2021-07-05: For /opt/iiab/moodle, let's stick with default permissions from
+# above (755 dirs & 644 files), and ownership (www-data:www-data), as we do in
+# moodle/tasks/mathjax.yml
+
+# 2021-07-05: Seems like a good idea but Moodle's permissions recommendations
+# at https://docs.moodle.org/20/en/Creating_Moodle_site_data_directory don't
+# actually mandate this:
+#
+# - name: chmod -R o-rwx {{ moodle_data }} e.g. drwxrwsrwx to drwxrws---
+#   file:
+#     path: "{{ moodle_data }}"    # /library/moodle
+#     mode: o-rwx
+#     recurse: yes
+
+# https://docs.moodle.org/311/en/Nginx#XSendfile_aka_X-Accel-Redirect
+# https://github.com/moodle/moodle/blob/master/config-dist.php#L274-L287
+- name: Write extra parameters to {{ moodle_base }}/config.php -- "Setting Moodle and Nginx to use XSendfile functionality is a big win as it frees PHP from delivering files allowing Nginx to do what it does best, i.e. deliver files"
+  lineinfile:
+    path: "{{ moodle_base }}/config.php"
+    line: '$CFG->{{ item.name }} = {{ item.value }};'
+    insertbefore: '^\$CFG->directorypermissions'
+  with_items:
+    #- { name: 'backuptempdir', value: "'{{ moodlebox_moodle_data_dir }}/backup'" }
+    - { name: 'xsendfile', value: "'X-Accel-Redirect'" }
+    - { name: 'xsendfilealiases', value: "array('/dataroot/' => $CFG->dataroot)" }
+    #- { name: 'customfiletypes', value: "array(\n  (object)array(\n    'extension' => 'crt',\n    'icon' => 'sourcecode',\n    'type' => 'application/x-x509-ca-cert',\n    'customdescription' => 'X.509 CA certificate'\n  )\n)"}
+    #- { name: 'showcampaigncontent', value: 'false' }
+
+- include_tasks: mathjax.yml


 # RECORD Moodle AS INSTALLED
--- a/roles/moodle/tasks/main.yml
+++ b/roles/moodle/tasks/main.yml
@ -29,19 +29,16 @@
    postgresql_install: True
    postgresql_enabled: True    # Revert just below if...

- name: "Set 'postgresql_enabled: False' if 'not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled)'"
+- name: "Set 'postgresql_enabled: False' if not moodle_enabled"
  set_fact:
    postgresql_enabled: False
-  when: not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled)
+  when: not moodle_enabled    # and not (pathagar_enabled is defined and pathagar_enabled)

 - name: POSTGRESQL - run 'postgresql' role (Enable&Start or Disable&Stop PostgreSQL)
  include_role:
    name: postgresql


- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache
-  include_tasks: apache.yml
-
 - name: Enable/Disable/Restart NGINX
  include_tasks: nginx.yml

--- a/roles/moodle/tasks/mathjax.yml
+++ b/roles/moodle/tasks/mathjax.yml
@ -0,0 +1,27 @@
+# 2021-07-05: Thanks to https://github.com/moodlebox/moodlebox/blob/master/roles/moodleinstall/tasks/mathjax.yml
+
+# Verify this Moodle plugin after installation at:
+# http://box.lan/moodle/admin/plugins.php
+# http://box.lan/moodle/admin/settings.php?section=filtersettingmathjaxloader
+
+- name: Download (clone) MathJax library/plugin from https://github.com/mathjax/MathJax to {{ moodle_base }}/lib/MathJax
+  git:
+    repo: https://github.com/mathjax/MathJax    # Or: git://github.com/mathjax/MathJax.git
+    dest: "{{ moodle_base }}/lib/MathJax"       # /opt/iiab/moodle
+    #version: "{{ moodle_mathjax_version }}"    # 2021-07-05: https://github.com/moodlebox/moodlebox/blob/master/default.config.yml uses 2.7.9 from 2020-08-25 -- whereas https://github.com/mathjax/MathJax/releases offers 3.2.0 from 2021-07-17
+    depth: 1
+
+- name: chown -R {{ apache_user }}:{{ apache_user }} {{ moodle_base }}/lib/MathJax
+  file:
+    path: "{{ moodle_base }}/lib/MathJax"
+    owner: "{{ apache_user }}"    # www-data
+    group: "{{ apache_user }}"    # MoodleBox uses {{ moodlebox_username }} set to 'moodlebox' in https://github.com/moodlebox/moodlebox/blob/master/default.config.yml
+    #mode: ug+w,o-w               # 2021-07-05: Let's stick with Moodle's default (755 dirs & 644 files), as we do in moodle/tasks/install.yml
+    recurse: yes
+
+# SEE https://github.com/moodle/moodle/blob/master/filter/mathjaxloader/lang/en/filter_mathjaxloader.php
+- name: Run {{ moodle_base }}/admin/cli/cfg.php --component=filter_mathjaxloader to change MathJax library/plugin URL
+  command: >
+    /usr/bin/php {{ moodle_base }}/admin/cli/cfg.php --component=filter_mathjaxloader --name=httpsurl --set=/lib/MathJax/MathJax.js
+  register: mathjax_url_result
+  changed_when: mathjax_url_result.rc == 0
--- a/roles/moodle/templates/022-moodle.jv.unused
+++ b/roles/moodle/templates/022-moodle.jv.unused
--- a/roles/moodle/templates/moodle-nginx.conf.j2
+++ b/roles/moodle/templates/moodle-nginx.conf.j2
@ -1,13 +1,37 @@
-location /moodle {
-    proxy_set_header X-Real-IP  $remote_addr;
-    proxy_set_header X-Forwarded-For $remote_addr;
-    proxy_set_header Host $host;
-    proxy_pass http://127.0.0.1:{{ apache_port }};
+# 2021-07-02: Let's monitor & learn from these 3 pages year-by-year:
+# https://docs.moodle.org/311/en/Nginx
+# https://github.com/moodlebox/moodlebox/blob/master/roles/moodleinstall/tasks/coreinstall.yml
+# https://github.com/moodlebox/moodlebox/blob/master/roles/webserver/templates/etc/nginx/sites-available/default.j2
+
+# This passes 404 pages to Moodle so they can be themed
+#error_page 404 /error/index.php;    error_page 403 =404 /error/index.php;
+
+# https://docs.moodle.org/311/en/Nginx#XSendfile_aka_X-Accel-Redirect
+# https://github.com/moodle/moodle/blob/master/config-dist.php#L274-L287
+location /dataroot/ {
+    internal;
+    alias {{ moodle_data }}/;
 }

-location ~ ^/moodle.*\.php$ {
-    proxy_set_header X-Real-IP  $remote_addr;
-    proxy_set_header X-Forwarded-For $remote_addr;
-    proxy_set_header Host $host;
-    proxy_pass http://127.0.0.1:{{ apache_port }};
+location ~ ^/moodle(.*)\.php(.*)$ {
+    alias {{ moodle_base }}$1.php$2;
+
+    fastcgi_split_path_info ^(.+\.php)(/.+)$;
+    fastcgi_index index.php;
+    fastcgi_pass php;
+
+    fastcgi_read_timeout 300;    # Default is 60s
+
+    include fastcgi_params;    # fastcgi.conf also works
+    fastcgi_param PATH_INFO $fastcgi_path_info;
+    fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
+
+    # Uncomment to override /etc/php/<VERSION>/fpm/php.ini -- FYI Stage 4's
+    # roles/www_options/tasks/main.yml FORCES these same settings and more
+    # (equivalent to 'nginx_high_php_limits: True') when 'moodle_install: True' 
+    #fastcgi_param PHP_VALUE "max_execution_time=300\n upload_max_filesize=500M\n post_max_size=500M\n max_input_vars=5000";
+}
+
+location ~ ^/moodle {
+    root {{ iiab_base }};
 }
--- a/roles/moodle/templates/moodle-nginx.conf.j2.native
+++ b/roles/moodle/templates/moodle-nginx.conf.j2.native
@ -1,16 +0,0 @@
-location ^/moodle {
-   alias /opt/iiab/moodle;
-   try_files $uri $uri/ index.php =404;
-}
-location ~ /moodle/(.*)\.php {
-    root /opt/iiab/;
-    proxy_set_header X-Real-IP  $remote_addr;
-    proxy_set_header X-Forwarded-For $remote_addr;
-    proxy_set_header Host $host;
-    include fastcgi_params;
-    fastcgi_index index.php;
-    fastcgi_pass php;
-    fastcgi_split_path_info ^(.+\.php)(/.+)$;
-    fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
-    fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
-}
--- a/roles/moodle/templates/moodle-nginx.conf.j2.unused
+++ b/roles/moodle/templates/moodle-nginx.conf.j2.unused
@ -0,0 +1,13 @@
+location /moodle {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header Host $host;
+    proxy_pass http://127.0.0.1:{{ apache_port }};
+}
+
+location ~ ^/moodle.*\.php$ {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header Host $host;
+    proxy_pass http://127.0.0.1:{{ apache_port }};
+}
--- a/roles/moodle/templates/moodle_installer
+++ b/roles/moodle/templates/moodle_installer
@ -6,17 +6,25 @@
 # a capital letter, in keeping with Internet-in-a-Box's other server apps?

 sudo -u {{ apache_user }} \
-     /usr/bin/php {{ moodle_base }}/admin/cli/install.php \
-     --wwwroot=http://{{ iiab_hostname }}.{{ iiab_domain }}/moodle \
-     --dataroot={{ moodle_data }} \
-     --dbtype=pgsql \
-     --dbname={{ moodle_database_name }} \
-     --dbuser=Admin --dbpass=changeme \
-     --fullname=Your_School \
-     --shortname=School \
-     --adminuser=admin --adminpass=changeme \
-     --non-interactive \
-     --agree-license \
-     --allow-unstable   # TEMPORARY DURING MAY 2018 TESTING
+    /usr/bin/php {{ moodle_base }}/admin/cli/install.php \
+    --wwwroot=http://{{ iiab_hostname }}.{{ iiab_domain }}/moodle \
+    --dataroot={{ moodle_data }} \
+    --dbtype=pgsql \
+    --dbname={{ moodle_database_name }} \
+    --dbuser=Admin --dbpass=changeme \
+    --fullname=Your_School \
+    --shortname=School \
+    --adminuser=admin --adminpass=changeme \
+    --non-interactive \
+    --agree-license \
+    --allow-unstable   # TEMPORARY DURING MAY 2018 TESTING
+# 2021-07-05 ideas from https://github.com/moodlebox/moodlebox/blob/master/roles/moodleinstall/tasks/coreinstall.yml :
+#    --lang=    # moodlebox_moodle_lang
+#    --dbtype=mariadb
+#    --prefix=    # moodlebox_moodle_db_prefix
+#    --summary=    # moodlebox_moodle_summary
+#    --adminemail=    # moodlebox_moodle_username @ moodlebox_hostname .invalid
+# Above vars set in https://github.com/moodlebox/moodlebox/blob/master/default.config.yml

-chown {{ apache_user }}:{{ apache_user }} {{ moodle_base }}/config.php
+# 2021-07-05: No longer needed
+#chown {{ apache_user }}:{{ apache_user }} {{ moodle_base }}/config.php