diff --git a/roles/moodle/defaults/main.yml b/roles/moodle/defaults/main.yml index 9de4aee06..193c21d64 100644 --- a/roles/moodle/defaults/main.yml +++ b/roles/moodle/defaults/main.yml @@ -8,7 +8,7 @@ # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! moodle_version: 311 -moodle_repo_url: https://github.com/moodle/moodle.git +moodle_repo_url: https://github.com/moodle/moodle #moodle_repo_url: git://git.moodle.org/moodle.git # 2020-10-16: VERY Slow! moodle_base: "{{ iiab_base }}/moodle" # /opt/iiab moodle_data: "{{ content_base }}/moodle" # /library diff --git a/roles/moodle/tasks/install.yml b/roles/moodle/tasks/install.yml index 71c8d0f23..12e493a1f 100644 --- a/roles/moodle/tasks/install.yml +++ b/roles/moodle/tasks/install.yml @@ -7,16 +7,6 @@ # (as required by Moodle's CLI installer, DESPITE it using fpm/php.ini later!) -#- name: "Set 'apache_install: True' and 'apache_enabled: True'" -# set_fact: -# apache_install: True -# apache_enabled: True - -#- name: APACHE - run 'httpd' role -# include_role: -# name: httpd - - - name: "Set 'postgresql_install: True' and 'postgresql_enabled: True'" set_fact: postgresql_install: True @@ -52,57 +42,30 @@ - php{{ php_version }}-zip # 2021-06-27: Likewise installed in nextcloud/tasks/install.yml, pbx/tasks/freepbx_dependencies.yml, wordpress/tasks/install.yml state: present -- name: Does {{ moodle_base }}/config-dist.php exist? (indicating Moodle is/was installed) - stat: - path: "{{ moodle_base }}/config-dist.php" # /opt/iiab/moodle - register: moodle - -- name: Clone (i.e. use git to download) {{ moodle_repo_url }} to {{ moodle_base }} (~288 MB) +- name: Download (clone) {{ moodle_repo_url }} to {{ moodle_base }} (~350MB initially, ~371MB later) git: - repo: "{{ moodle_repo_url }}" - dest: "{{ moodle_base }}" + repo: "{{ moodle_repo_url }}" # https://github.com/moodle/moodle + dest: "{{ moodle_base }}" # /opt/iiab/moodle depth: 1 - force: yes version: "MOODLE_{{ moodle_version }}_STABLE" #version: master # TEMPORARY DURING MAY 2018 TESTING, installed 3.5beta+ = https://download.moodle.org/releases/development/ #ignore_errors: yes - when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists -- name: Create dir {{ moodle_base }} owned by {{ apache_user }} (for config file?) +- name: chown -R {{ apache_user }}:{{ apache_user }} {{ moodle_base }} (by default dirs 755 & files 644) file: - state: directory path: "{{ moodle_base }}" owner: "{{ apache_user }}" # www-data group: "{{ apache_user }}" - mode: u+rw,g+r,o+r # '0755' forced executable bits on files recurse: yes -- name: Create dir {{ content_base }}/dbdata/moodle owned by {{ apache_user }} - file: - state: directory - path: "{{ content_base }}/dbdata/moodle" # /library - owner: "{{ apache_user }}" - -- name: Create dir {{ moodle_data }} ({{ apache_user }}:{{ apache_user }}, '0770') +- name: Create dir {{ moodle_data }} ({{ apache_user }}:{{ apache_user }}) (by default 755 = drwxr-xr-x initially, but moodle_installer sets drwxrwsrwx below) file: state: directory path: "{{ moodle_data }}" # /library/moodle owner: "{{ apache_user }}" group: "{{ apache_user }}" - #mode: '0770' # Regardless, permissions end up as: drwxrwsrwx -#- name: Remove stock /etc/{{ apache_conf_dir }}/moodle.conf -# file: -# path: "/etc/{{ apache_conf_dir }}/moodle.conf" # apache2/sites-available -# state: absent -# 2021-02-01: Not nec if we can hopefully migrate from Apache to NGINX soon! -#- name: Install /etc/{{ apache_conf_dir }}/022-moodle.conf from template -# template: -# src: 022-moodle.j2 -# dest: "/etc/{{ apache_conf_dir }}/022-moodle.conf" - -# roles/postgresql/templates/postgresql-iiab.service WAS INSTALLED HERE: # /etc/systemd/system/postgresql-iiab.service - name: Start 'postgresql-iiab' systemd service, to configure Moodle's DB systemd: @@ -129,42 +92,40 @@ become: yes become_user: postgres -- name: Install {{ moodle_base }}/moodle_installer from template ('0755') - template: - src: moodle_installer - dest: "{{ moodle_base }}" - mode: '0755' - - name: (Re)Start 'postgresql-iiab' systemd service systemd: name: postgresql-iiab state: restarted #enabled: yes # Service ends up enabled regardless -#- name: (Re)Start '{{ apache_service }}' systemd service -# systemd: -# name: "{{ apache_service }}" -# state: restarted -# - name: Does {{ moodle_base }}/config.php exist? -# stat: -# path: "{{ moodle_base }}/config.php" -# register: config +- name: Install {{ moodle_base }}/moodle_installer from template (0755) + template: + src: moodle_installer + dest: "{{ moodle_base }}" + mode: 0755 - name: Execute {{ moodle_base }}/moodle_installer IF {{ moodle_base }}/config.php doesn't yet exist -- REQUIRES 'max_input_vars = 5000' (or higher) in /etc/php/{{ php_version }}/cli/php.ini with PHP 8+ (as set up by www_options/tasks/main.yml) -- WHEREAS Moodle uses /etc/php/{{ php_version }}/fpm/php.ini during regular operation shell: "{{ moodle_base }}/moodle_installer" args: creates: "{{ moodle_base }}/config.php" - #when: config.stat.exists is defined and not config.stat.exists -# 2021-07-05: Let's stick with Moodle's default (755 dirs & 644 files), as we do in moodle/tasks/mathjax.yml -#- name: Make {{ moodle_base }}/config.php readable, with permission '0644' -# #command: chown -R {{ apache_user }} {{ moodle_base }} -# file: -# path: "{{ moodle_base }}/config.php" # /opt/iiab/moodle -# mode: '0644' +# 2021-07-05: For /opt/iiab/moodle, let's stick with default permissions from +# above (755 dirs & 644 files), and ownership (www-data:www-data), as we do in +# moodle/tasks/mathjax.yml + +# 2021-07-05: Seems like a good idea but Moodle's permissions recommendations +# at https://docs.moodle.org/20/en/Creating_Moodle_site_data_directory don't +# actually mandate this: +# +# - name: chmod -R o-rwx {{ moodle_data }} e.g. drwxrwsrwx to drwxrws--- +# file: +# path: "{{ moodle_data }}" # /library/moodle +# mode: o-rwx +# recurse: yes # https://docs.moodle.org/311/en/Nginx#XSendfile_aka_X-Accel-Redirect +# https://github.com/moodle/moodle/blob/master/config-dist.php#L274-L287 - name: Write extra parameters to {{ moodle_base }}/config.php -- "Setting Moodle and Nginx to use XSendfile functionality is a big win as it frees PHP from delivering files allowing Nginx to do what it does best, i.e. deliver files" lineinfile: path: "{{ moodle_base }}/config.php" diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index 1a618363b..5c4e6bf73 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -29,19 +29,16 @@ postgresql_install: True postgresql_enabled: True # Revert just below if... -- name: "Set 'postgresql_enabled: False' if 'not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled)'" +- name: "Set 'postgresql_enabled: False' if not moodle_enabled" set_fact: postgresql_enabled: False - when: not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled) + when: not moodle_enabled # and not (pathagar_enabled is defined and pathagar_enabled) - name: POSTGRESQL - run 'postgresql' role (Enable&Start or Disable&Stop PostgreSQL) include_role: name: postgresql -#- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache -# include_tasks: apache.yml - - name: Enable/Disable/Restart NGINX include_tasks: nginx.yml diff --git a/roles/moodle/templates/moodle-nginx.conf.j2 b/roles/moodle/templates/moodle-nginx.conf.j2 index a4fd67574..135096c5b 100644 --- a/roles/moodle/templates/moodle-nginx.conf.j2 +++ b/roles/moodle/templates/moodle-nginx.conf.j2 @@ -7,7 +7,8 @@ #error_page 404 /error/index.php; error_page 403 =404 /error/index.php; # https://docs.moodle.org/311/en/Nginx#XSendfile_aka_X-Accel-Redirect -location ~ ^/moodle/dataroot/ { +# https://github.com/moodle/moodle/blob/master/config-dist.php#L274-L287 +location /dataroot/ { internal; alias {{ moodle_data }}/; } diff --git a/roles/moodle/templates/moodle_installer b/roles/moodle/templates/moodle_installer index bde8938ae..be6b18bf6 100755 --- a/roles/moodle/templates/moodle_installer +++ b/roles/moodle/templates/moodle_installer @@ -6,18 +6,18 @@ # a capital letter, in keeping with Internet-in-a-Box's other server apps? sudo -u {{ apache_user }} \ - /usr/bin/php {{ moodle_base }}/admin/cli/install.php \ - --wwwroot=http://{{ iiab_hostname }}.{{ iiab_domain }}/moodle \ - --dataroot={{ moodle_data }} \ - --dbtype=pgsql \ - --dbname={{ moodle_database_name }} \ - --dbuser=Admin --dbpass=changeme \ - --fullname=Your_School \ - --shortname=School \ - --adminuser=admin --adminpass=changeme \ - --non-interactive \ - --agree-license \ - --allow-unstable # TEMPORARY DURING MAY 2018 TESTING + /usr/bin/php {{ moodle_base }}/admin/cli/install.php \ + --wwwroot=http://{{ iiab_hostname }}.{{ iiab_domain }}/moodle \ + --dataroot={{ moodle_data }} \ + --dbtype=pgsql \ + --dbname={{ moodle_database_name }} \ + --dbuser=Admin --dbpass=changeme \ + --fullname=Your_School \ + --shortname=School \ + --adminuser=admin --adminpass=changeme \ + --non-interactive \ + --agree-license \ + --allow-unstable # TEMPORARY DURING MAY 2018 TESTING # 2021-07-05 ideas from https://github.com/moodlebox/moodlebox/blob/master/roles/moodleinstall/tasks/coreinstall.yml : # --lang= # moodlebox_moodle_lang # --dbtype=mariadb @@ -26,4 +26,5 @@ sudo -u {{ apache_user }} \ # --adminemail= # moodlebox_moodle_username @ moodlebox_hostname .invalid # Above vars set in https://github.com/moodlebox/moodlebox/blob/master/default.config.yml -chown {{ apache_user }}:{{ apache_user }} {{ moodle_base }}/config.php +# 2021-07-05: No longer needed +#chown {{ apache_user }}:{{ apache_user }} {{ moodle_base }}/config.php