Mid-term Project


The project is about configuring Moodle using AWS EC2 with 2 instance with the following requirements,

  • First instance EC2 as a nginx webserver
  • Second instance EC2 as a database server
  • The site must have HTTPS
  • The site must use a domain provided on the spreadsheet (or custom) There’s also additional requirements as follows,

  • Use elastic IP for the instance
  • For mysql, modify the configuration on /etc/mysql/my.cnf so that the bind address is (the default was loopback ip
  • Open only the required port in SG (80, 443, 3306)

As an additional notes, this is also a collaborative project. I partnered with Fikri to finish the project, you can visit his website too :)

Table of Contents

EC2 Setup

We will create 2 instance for webserver and database. In the webserver instance, i’ll open port 80 and 443 and for the database server i’ll only open 3306 for mysql and 22 for SSH in each instance.

Web Server

Just deploy new EC2 instance and make sure to configure the security group as follows,

EC2 SG webserver

After the instance is successfully deployed, allocate new elastic IP and associate it to the instance we created earlier.

elastic ip webserver 1

elastic ip webserver 2

Database Server

Deploy the second instance with ubuntu 20.04 with security group to open port 22 and 3306.

EC2 SG db

Allocate new elastic ip and associate it to the instance.

elastic ip db

LEMP Installation

The next step is to install Nginx, MySQL, and PHP to serve the moodle webapp.

First thing first, update your repository first with

sudo bash -c "apt-get update && apt-get dist-upgrade && apt-get autoremove"


After the update is successfull, install nginx and start the services.

install nginx

Enable nginx service so that it runs on startup automatically even after we restart the machine.

enable nginx


After that, install MySQL server in the second instance.

mysql installation

Don’t forget to enable the services too.

mysql enable


Then, install PHP with the required extension and php-fpm.

php installation

MySQL Configuration

After we’ve been successfully installed mysql in the second instance, we will configure MySQL. Execute mysql_secure_installation command to configure this atribute,

  • Setup root password
  • Delete anonymous user
  • Delete root remote login access
  • Delete test database
  • Reload privileges table
sudo mysql_secure_installation

mysql secure 1

mysql secure 2

Open mysql configuration file in /etc/mysql/my.cnf and change the port to 3306 and bind-address to

mysql conf

Login as root to mysql console and create database and user for moodle.


CREATE USER 'moodleuser'@'your_webserver_ip_or_domain.com' identified by 'your_password';

GRANT ALL ON moodle.* TO 'moodleuser'@'your_webserver_ip_or_domain.com' identified by 'your_password';
GRANT ALL ON moodle.* TO 'moodleuser'@'your_webserver_ip_or_domain.com' WITH GRANT OPTION;

flush privileges;

Make sure to grant moodle database only to your webserver instance and double check the IP/domain you want to enter.

This is optional, but if you want to create filter or firewall to your database so that only specific ip (your webserver) can access sql, use these following iptables command,

sudo iptables -A INPUT -p tcp -m tcp --dport 3306 -d your_webserver_ip -j ACCEPT

Moodle Configuration

Now we’re gonna setup moodle app. First make sure that git and curl are already installed.

sudo apt install git curl -y

install git and curl

Clone or Download Moodle App

Clone moodle repository or use curl to download moodle app. Copy the moodle directory from the clone operation before to webserver directory (usually in /var/www for ubuntu).

clone moodle app

Create the MOODLEDATA Directory

Apart from moodle app directory, we must create another directory called moodledata (although you custom the name). This directory is the location of files that are uploaded or created by Moodle Interface. Configure it’s permission and change the mode to 755 and the owner to www-data user and group (it may be a little different in other distro).

sudo cp -R moodle /var/www/
sudo mkdir -p /var/www/moodledata
sudo chown -R www-data:www-data /var/www/moodledata
sudo chown -R www-data:www-data /var/www/moodle
sudo chmod -R 755 /var/www/moodledata
sudo chmod -R 755 /var/www/moodle

Configure Nginx

Create nginx config file in /etc/nginx/sites-available and link it to the sites-enabled directory. After that, check the syntax using sudo nginx -t and then restart nginx.

# You can use nano or prefered text editor
$ sudo vim /etc/nginx/sites-available/moodle

# Check nginx config format
$ sudo nginx -t

# Restart nginx
$ sudo systemctl restart nginx.service

This is my config file (you can create it like this)

server {
    listen 80;
    listen [::]:80;
    root /var/ww/moodle;
    index index.php index.html index.htm;
    server_name tiftiga.tujuhlangit.id moodleadser.wuvel.net;

    client_max_body_size 100M;
    autoindex off;
    location / {
        try_files $uri $uri/ =404;
    location /dataroot/ {
        alias /var/ww/moodledata/;
    location ~ [^/].php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;

A little note from me, in this configuration i wrote 2 domain for the server_name because the first one is the domain from spreadsheet and the second one is Fikri’s domain to test if the server can be successfully served. You can actually implement multiple domain to points to your server as log as you create the A record in each DNS server. Common practice to use multiple subdomain like this is pointing something.com and www.something.com to the same web application.

Your moodle should be served by now, check it on the port 80 and you can see the installation setup.

Adding SSL Certificate

The last thing is adding SSL certificate so that the site serve with HTTPS (secure connection). To do that, we must first install certbot and python certbot module.

sudo apt install certbot python3-certbot-nginx -y

install certbot

Execute certbot and specify the domain.

sudo certbot --nginx -d yourdomain.com

execute certbot

Check if the Certificate is Valid.

verify certificate

Moodle Setup

Configure and verify the moodle and data directory for moodle.

verify data directory

Choose database driver, in my case it’s MySQL.

choose database driver

Configure database host to points to your database IP or domain, database name, user, password corresponding to what we created earlier, and database port to 3306.

configure db for moodle

After that, just click continue until the installation is completed. It should be like this after the configuration.

moodle admin dashboard