Installation guide for Chamilo 1.11.10 (with Git) on DigitalOcean with PHP7.2

This guide will take you through the process of installing the Chamilo e-learning portal, version 1.11.10 on a fresh DigitalOcean instance,on an Ubuntu 18.04 64bit distribution.

To follow this guide, you should be familiar with the notion of SSH keys and installing/configuring server software on Ubuntu.

Previous articles on this blog explain how to install Chamilo 1.9 using Juju Charms, how to install 1.10.2 on Ubuntu 15.10, and 1.10.* on Ubuntu 16.04 and 17.04.

chamilo-php7

Step 1: Get a Digital Ocean instance

  • If you don’t have one, create an account on DigitalOcean
  • Give a credit card account or make a payment through PayPal (you might not need it for the first few bucks you’ll need to follow this guide)
  • Create a (cheap) instance of 3GB RAM ($15/month) with Ubuntu 18.04 x64. You can also start with a 1GB RAM instance, then resize to 3GB only for the composer update command (below), then resize back down to 1GB for the rest
  • Give an SSH key so that you can connect to your instance with “ssh root@[instance-ip]”

Step 2: Setup temporary domain name

To make it short, we’ll just define the new instance’s IP as a local name on our computer only. You can also use the IP directly, but I prefer using a name.

  • edit your local computer’s /etc/hosts file (on Windows, C:\Windows\System32\drivers\etc\hosts),
  • add the instance IP, a blank space, and a name you want to give it. e.g.: 104.236.39.29 cham1.beeznest.com

In my case, I have IP 104.236.39.29 and name cham1.beeznest.com, but in the following guide we will assume (for simplicity) that we use the IP address directly.

If you later want to add support for HTTPS, you *will* need a domain or sub-domain name.

Step 3: Connect and install software stack

Ubuntu 18.04 comes officially with PHP 7.2, so there’s not much to do in that respect, except installing them. Launch the following commands in sequence:

  • apt update && apt -y upgrade
  • apt install apache2 libapache2-mod-php mariadb-client mariadb-server php-pear php-dev php-gd php-curl php-intl php-mysql php-mbstring php-zip php-xml php-cli php-apcu git unzip
  • mysql_secure_installation (give a MySQL root password twice, remember it, and confirm every other question asked)
  • install composer: cd /root/ && mkdir composer && cd composer && php -r “copy(‘https://getcomposer.org/installer’, ‘composer-setup.php’);” && php composer-setup.php && php -r “unlink(‘composer-setup.php’);” && mv composer.phar /usr/local/bin/composer && cd .. && rm -rf composer

This whole step takes about 2.5 minutes in total on Digital Ocean’s super fast infrastructure.

Step 4: Downloading from Github

  • cd /var/www
  • mkdir chamilo
  • cd chamilo
  • git clone -b 1.11.x https://github.com/chamilo/chamilo-lms www
  • cd www
  • git checkout tags/v1.11.10
  • composer update (we are allowing an update by the user root here for simplicity, but you shouldn’t do that if you are preparing this machine for production)
  • chown -R www-data: app main/lang main/default_course_document/images/ web

Step 5: Database

  • mysql -u root -p
  • [give the mysql root password]
  • mysql> GRANT ALL PRIVILEGES ON chamilo.* TO chamilo@localhost IDENTIFIED BY ‘chamilo’;
  • mysql> FLUSH PRIVILEGES;
  • mysql> exit;

Step 6: Configure Apache’s Virtual Host

Since version 1.10 of Chamilo, it is *mandatory* that your web server handles some redirections, which is done the easiest by doing the following (in the case of Apache).

  • cd /etc/apache2/sites-available/
  • vim 000-default.conf (or use another editor if you like)
  • change /var/www/html by /var/www/chamilo/www
  • Add the following block anywhere *inside* the VirtualHost block
 <Directory /var/www/chamilo/www>
Options Indexes FollowSymLinks MultiViews
Require all granted
</Directory>
  • exit (esc + :wq + enter)
  • a2enmod rewrite
  • service apache2 restart

Step 7: Browser install of Chamilo

  • Open your browser on http://104.236.39.29 (the IP of this virtual machine) and follow the installation process (see your chamilo user, password and database name in the “GRANT” command above)
Chamilo 1.11.4 beta install welcome screen
Chamilo 1.11.4 beta install welcome screen

That’s all, folks! Don’t forget this is a development-type installation, meaning that some things will not be tuned for production environments. If you need production-ready installations, the BeezNest team is available for hiring.

Extra: Setting it up with Nginx

If you want to use HTTP2, you will have to use Nginx. Using Nginx adds a few complicated steps to this procedure, so let’s see what can be done here…

  • apt-get remove apache2
  • apt-get install nginx-full php-fpm
  • vim /etc/nginx/sites-available/default
    • change “root” from /var/www/html to /var/www/chamilo/www
    • use https://campus.chamilo.org/documentation/installation_guide.html to copy-paste the configuration block for Nginx, only replacing /var/run/php5-fpm.sock by /var/run/php/php7.2-fpm.sock
  • vim /etc/php/7.2/fpm/conf.d/10-opcache.ini
    • add a line “opcache.enable=1”
  • service nginx restart
  • service php-fpm restart

To enable HTTP2 support (which, by the way, will only work with HTTPS at this time), change “listen 443 ssl” to “listen 443 ssl http2”. This also means that your server will be *required* to have a domain name (in this guide we essentially used an IP address to install Chamilo), and that you will *need* an SSL certificate (you can get one for free from letsencrypt.org, but that’s not very easy with Nginx as of April 2016).

Because of the inherent restrictions of HTTP2 in terms of security, it is mandatory to configure the port 443 section of your Nginx config in a highly-secured manner. You can use the cipherli.st page to copy-paste most of the config (you’ll need to adjust to your Nginx version, though).

In any case, HTTP2 will require TLS >= 1.2. Just remember that.

Extra 2: Setting up a firewall

You can easily setup a firewall with the following commands, after editing /etc/default/ufw and making sure that the IPV6 option says “yes”:

  • apt install ufw
  • ufw default deny incoming
  • ufw default allow outgoing
  • ufw allow ssh
  • ufw allow http
  • ufw allow https
  • ufw enable

This will ensure no connection can be made to your droplet through other ports than those 3.

Other Cloud providers

The procedure above (with some minor changes) is pretty much the same on a Google Cloud Compute instance and (to some extent) on an AWS EC2 instance, on Azure, etc.

It's only fair to share...Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Share on Tumblr
Tumblr
Email this to someone
email

Leave a Reply

Your email address will not be published. Required fields are marked *