Template Moodle untuk VestaCP

Tidak diragukan lagi, VestaCP adalah salah satu Web Hosting Control Panel (WHCP) gratis terbaik. Sejak dulu saya mengandalkan VestaCP untuk dipasang di VPS pribadi maupun VPS sekolah. Memang setahun lalu sempat timbul kegemparan akibat ada celah keamanan, tapi kemudian celah itu bisa ditutupi. Anda bisa membaca artikel saya sebelumnya tentang cara memperkuat benteng pertahanan agar server dengan WHCP VestaCP tidak mudah ditembus peretas.

Hanya ada satu ganjalan yang sampai artikel ini ditulis, belum juga ada perbaikan resmi dari VestaCP, yaitu tentang halaman yang seharusnya terlihat bila admin Moodle mengaktifkan mode Maintenance. Error ini hanya terjadi bila kita memakai Nginx dan php-fpm. Seharusnya pesan yang muncul adalah “The site is undergoing maintenance and is currently not available”. Tapi bila kita memakai Web Template Nginx bernama Moodle, yang terlihat justru pesan kesalahan “500. Internal Server Error. Sorry, something went wrong :(“. Pesan error seperti ini bukan saja tidak sedap dipandang, tapi juga membingungkan dan membuat siswa panik lalu menghubungi admin. Guru pun mungkin panik. Bayangkan setresnya saya ketika dibanjiri telepon dari ratusan siswa dan guru yang menanyakan satu pertanyaan yang sama.

Pesan error yang seharusnya tidak muncul saat mode Maintenance diaktifkan.

Pesan error yang seharusnya tidak muncul saat mode Maintenance diaktifkan.

Bila melihat dokumentasi dari Moodle (tautan) lalu dibandingkan dengan Template Moodle yang disediakan VestaCP, memang terlihat ada perbedaan.

Berangkat dari itu, saya mencoba membuat template baru bernama Moodle2. Silakan dicopy ke folder /usr/local/vesta/data/templates/web/nginx/php-fpm

Salin kode di bawah ini, kemudian disimpan dengan nama moodle2.tpl

# VestaCP Template for Moodle
# Created by Mawan Agus Nugroho
# Save this file into /usr/local/vesta/data/templates/web/nginx/php-fpm/moodle2.tpl

server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;

location / {
try_files $uri $uri/ =404; 
}

location /dataroot/ {
internal;
alias %home%/%user%/web/%domain%/moodledata/;
}

location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass %backend_lsnr%;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}

location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp3|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires max;
log_not_found off;
access_log off;
}

location = /favicon.ico {
log_not_found off;
access_log off;
}

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}

location ~ \..*/.*\.php$ {
return 403;
}

# No no for private
location ~ ^/sites/.*/private/ {
return 403;
}

# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}

error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;

location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}

location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}

location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}

include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;

include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

Salin kode di bawah ini, kemudian disimpan dengan nama moodle2.stpl

# VestaCP Template for Moodle
# Created by Mawan Agus Nugroho
# Save this file into /usr/local/vesta/data/templates/web/nginx/php-fpm/moodle2.stpl

server {
listen %ip%:%web_ssl_port% ssl;
server_name %domain_idn% %alias_idn%;
root %sdocroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;

ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;

location / {
try_files $uri $uri/ =404;
}

location /dataroot/ {
internal;
alias %home%/%user%/web/%domain%/moodledata/;
}

location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass %backend_lsnr%;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}

location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp3|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires max;
log_not_found off;
access_log off;
}

location = /favicon.ico {
log_not_found off;
access_log off;
}

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}

location ~ \..*/.*\.php$ {
return 403;
}

# No no for private
location ~ ^/sites/.*/private/ {
return 403;
}

# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}

error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;

location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}

location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}

location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}

include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;

include %home%/%user%/conf/web/snginx.%domain%.conf*;
}

Setelah disimpan, masuk ke VestaCP lalu klik: Web > Pilih domain > Edit.
Pada Web Template Nginx, pilih Moodle2. Lalu klik Save.

Semoga artikel ini bermanfaat.

Web Hosting

Leave a Reply