Canvas LMS/Installation

From r00tedvw.com wiki
(Difference between revisions)
Jump to: navigation, search
Line 178: Line 178:
 
In my installation, I did not do the following:<br>
 
In my installation, I did not do the following:<br>
 
'''Permission issues, see [https://github.com/instructure/canvas-lms/wiki/Production-Start#configure-passenger-with-apache Configure Passenger with Apache] on the Production start guide for Canvas'''
 
'''Permission issues, see [https://github.com/instructure/canvas-lms/wiki/Production-Start#configure-passenger-with-apache Configure Passenger with Apache] on the Production start guide for Canvas'''
 +
==Apache 2 SSL config==
 +
~/var/canvas$ sudo a2enmod ssl
 +
~/var/canvas$ sudo service apache2 restart
 +
 +
==Canvas Apache2 config==
 +
Disable the default site
 +
~/var/canvas$ sudo a2dissite 000-default
 +
~/var/canvas$ sudo service apache2 restart
 +
Create the canvas apache config file
 +
~/var/canvas$ sudo nano /etc/apache2/sites-available/canvas
 +
Paste the following into the new file:
 +
<VirtualHost *:80>
 +
  ServerName canvas.example.com
 +
  ServerAlias files.canvas.example.com
 +
  ServerAdmin [email protected]
 +
  DocumentRoot /var/canvas/public
 +
  RewriteEngine On
 +
  RewriteCond %{HTTP:X-Forwarded-Proto} !=https
 +
  RewriteCond %{REQUEST_URI} !^/health_check
 +
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] 
 +
  ErrorLog /var/log/apache2/canvas_errors.log
 +
  LogLevel warn
 +
  CustomLog /var/log/apache2/canvas_access.log combined
 +
  SetEnv RAILS_ENV production
 +
  <Directory /var/canvas/public>
 +
    Allow from all
 +
    Options -MultiViews
 +
  </Directory>
 +
</VirtualHost>
 +
<VirtualHost *:443>
 +
  ServerName canvas.example.com
 +
  ServerAlias files.canvas.example.com
 +
  ServerAdmin [email protected]
 +
  DocumentRoot /var/canvas/public
 +
  ErrorLog /var/log/apache2/canvas_errors.log
 +
  LogLevel warn
 +
  CustomLog /var/log/apache2/canvas_ssl_access.log combined
 +
  SSLEngine on
 +
  BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
 +
  BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
 +
  # the following ssl certificate files are generated for you from the ssl-cert package.
 +
  SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
 +
  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
 +
  SetEnv RAILS_ENV production
 +
  <Directory /var/canvas/public>
 +
    Allow from all
 +
    Options -MultiViews
 +
  </Directory>
 +
</VirtualHost>

Revision as of 16:33, 21 January 2014

Canvas - Learning Management Solution. Used by universities and schools.

Contents

Requirements

In the simplest configuration, everything will be running off a single server.

Recommended Hardware specifications
Dual Core+ 3.0ghz+ or Dual processors
4GB+ RAM
60GB HDD
64-bit capable system

Software Requirments

Minium, Ubuntu 10.04 LTS+ server edition. Desktop will require more hardware than listed above.
Preferably Ubuntu 12.04 LTS
If you are having trouble loading 12.04 LTS, try upgrading from 10.04. Instructions here

Download Database software

Postgres (Database)

~$ sudo apt-get update && sudo apt-get -y upgrade && sudo apt-get -y autoremove
~$ sudo apt-get -y install postgresql-9.1

Configure Database

~$ sudo -u postgres createuser canvas -D -S -R -P
~$ sudo -u postgres createdb canvas_production --owner=canvas
~$ sudo -u postgres createdb canvas_queue_production --owner=canvas

Download Git & Canvas

~$ sudo apt-get -y install git-core
~$ cd /var
~$ sudo git clone https://github.com/instructure/canvas-lms.git canvas
~$ cd canvas
~/var/canvas$ sudo git branch --set-upstream stable origin/stable
~/var/canvas$ sudo chown -R helpdesk /var/canvas   --- helpdesk just happens to be the name of this user.  use your own

Download Ruby 1.9.3

You're going to have to add a repository because the version available through Ubuntu's US or Main repos is not up to date (at the time of this writing.

~/var/canvas$ sudo apt-get -y install python-software-properties
~/var/canvas$ sudo apt-add-repository ppa:brightbox/ruby-ng
~/var/canvas$ sudo apt-get update
~/var/canvas$ sudo apt-get -y install ruby1.9.3 zlib1g-dev libxml2-dev libmysqlclient-dev libxslt1-dev imagemagick libpq-dev nodejs libxmlsec1-dev libcurl4-gnutls-dev libxmlsec1 build-essential openjdk-7-jre

Download Ruby Gems

If you are behind a firewall, you're going to need to open up the following routes to complete this sections' installation instructions:

192.30.252.128:9418
192.30.252.129:9418
192.30.252.130:9418
192.30.252.131:9418
~/var/canvas$ sudo gem install bundler --version 1.3.5
~/var/canvas$ bundle install --path vendor/bundle --without=sqlite

Download default config files from Amazon instance

~/var/canvas$ for config in amazon_s3 database \
  delayed_jobs domain file_store outgoing_mail security external_migration
do cp config/$config.yml.example config/$config.yml; done

Configuration

database.yml

~/var/canvas$ cp config/database.yml.example /config/database.yml
~/var/canvas$ vi config/database.yml

Under Production

  • edit the database name (if different from default)default=canvas_production & canvas_queue_production
  • host (if different from default) default=localhost
  • username for database user (if different from default) default=canvas
  • password for database user
In my instance, nothing was changed except the password.
production:
 adapter: postgresql
 encoding: utf8
 database: canvas_production
 host: localhost
 username: canvas
 password: password
 timeout: 5000
 queue:
   adapter: postgresql
   encoding: utf8
   database: canvas_queue_production
   host: localhost
   username: canvas
   password: password
   timeout: 5000

outgoing_mail.yml

~/var/canvas$ cp config/outgoing_mail.yml.example config/outgoing_mail.yml
~/var/canvas$ vi config/outgoing_mail.yml

Under Production

  • Edit the address, this should be your email relay or SMTP server
  • Edit the port (if different from default) default=25
  • Edit the username for your relay/smtp
  • Edit the password for your relay/smtp
  • Edit the domain (if different from default) default=example.com
  • Edit the outgoing address (if different from default) [email protected]
In my instance, I only changed the address, username, password, domain, and outgoing_address
production:
 address: "smtp.example.com"
 port: "25"
 user_name: "user"
 password: "password"
 authentication: "plain" # plain, login, or cram_md5
 domain: "example.com"
 outgoing_address: "[email protected]"
 default_name: "Instructure Canvas"

domain.yml

~/var/canvas$ cp config/domain.yml.example config/domain.yml
~/var/canvas$ vi config/domain.yml

Under Production

  • Edit the domain
  • Uncomment the files domain and add your domain
In my instance, I only changed the domain and uncommented the files domain
production:
 domain: "canvas.example.com"
 # whether this instance of canvas is served over ssl (https) or not
 # defaults to true for production, false for test/development
 ssl: true
 files_domain: "canvasfiles.example.com"

security.yml

~/var/canvas$ cp config/security.yml.example config/security.yml
~/var/cavnas$ vi config/security.yml

Under Production

  • Edit the encryption Key to a minimum of 20 characters. This can be random.
In my instance, I only changed the encryption key by pressing alot of buttons
 production:
 # replace this with a random string of at least 20 characters
 encryption_key: hu9ehd92hdh2798ehdrd2hd37824   ---(no this is not really my encryption key)

Database Population

~/var/canvas$ RAILS_ENV=production bundle exec rake db:initial_setup

You will be asked the following questions:

What email address will the site administrator account use? > 
Please confirm > 
What password will the site administrator use? >
Please confirm >
What do you want users to see as the account name? This should probably be the name of your organization. >
To help our developers better serve you, Instructure would like to collect some usage data about your Canvas installation. You can  

change this setting at any time.:

1. Opt in
2. Only send anonymized data
3. Opt out completely
>

File Generation

~/var/canvas$ bundle exec rake canvas:compile_assets

Ownership limitations

I did this with www-data as this user exists by default with Apache installtions on Ubuntu.
Verify www-data exists:

~/var/canvas$ awk -F':' '{ print$1}' /etc/passwd
...
www-data
...

Create directories and set permissions.

~/var/canvas$ sudo mkdir -p log tmp/pids public/assets public/stylesheets/compiled
~/var/canvas$ sudo touch Gemfile.lock
~/var/canvas$ sudo chown -R www-data config/environment.rb log tmp public/assets public/stylesheets/compiled Gemfile.lock config.ru

Limit read access

~/var/canvas$ sudo chown www-data config/*.yml
~/var/canvas$ sudo chmod 400 config/*.yml

Apache2 install/config

~/var/canvas$ sudo apt-get -y install passenger-common1.9.1 libapache2-mod-passenger apache2
~/var/canvas$ sudo a2enmod rewrite
~/var/canvas$ sudo service apache2 restart

Verify that symlinks exist for the passenger mods:

~/var/canvas$ cd /etc/apache2/mods-enabled/
~/etc/apache2/mods-enabled$ ls
...
passenger.conf
passenger.load
....


In my installation, I did not do the following:
Permission issues, see Configure Passenger with Apache on the Production start guide for Canvas

Apache 2 SSL config

~/var/canvas$ sudo a2enmod ssl
~/var/canvas$ sudo service apache2 restart

Canvas Apache2 config

Disable the default site

~/var/canvas$ sudo a2dissite 000-default
~/var/canvas$ sudo service apache2 restart

Create the canvas apache config file

~/var/canvas$ sudo nano /etc/apache2/sites-available/canvas

Paste the following into the new file:

<VirtualHost *:80>
  ServerName canvas.example.com
  ServerAlias files.canvas.example.com
  ServerAdmin [email protected]
  DocumentRoot /var/canvas/public
  RewriteEngine On
  RewriteCond %{HTTP:X-Forwarded-Proto} !=https
  RewriteCond %{REQUEST_URI} !^/health_check
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]  
  ErrorLog /var/log/apache2/canvas_errors.log
  LogLevel warn
  CustomLog /var/log/apache2/canvas_access.log combined
  SetEnv RAILS_ENV production
  <Directory /var/canvas/public>
    Allow from all
    Options -MultiViews
  </Directory>
</VirtualHost>
<VirtualHost *:443>
  ServerName canvas.example.com
  ServerAlias files.canvas.example.com
  ServerAdmin [email protected]
  DocumentRoot /var/canvas/public
  ErrorLog /var/log/apache2/canvas_errors.log
  LogLevel warn
  CustomLog /var/log/apache2/canvas_ssl_access.log combined
  SSLEngine on
  BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
  BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
  # the following ssl certificate files are generated for you from the ssl-cert package.
  SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
  SetEnv RAILS_ENV production
  <Directory /var/canvas/public>
    Allow from all
    Options -MultiViews
  </Directory>
</VirtualHost>
Personal tools
Namespaces

Variants
Actions
Navigation
Mediawiki
Confluence
DevOps Tools
Open Source Products
Ubuntu
Ubuntu 22
Mac OSX
Oracle Linux
AWS
Windows
OpenVPN
Grafana
InfluxDB2
TrueNas
MagicMirror
OwnCloud
Pivotal
osTicket
OTRS
phpBB
WordPress
VmWare ESXI 5.1
Crypto currencies
HTML
CSS
Python
Java Script
PHP
Raspberry Pi
Canvas LMS
Kaltura Media Server
Plex Media Server
MetaSploit
Zoneminder
ShinobiCE
Photoshop CS2
Fortinet
Uploaded
Certifications
General Info
Games
Meal Plans
NC Statutes
Politics
Volkswagen
Covid
NCDMV
Toolbox