Bitnami Open edX for Huawei

Enterprise Cloud

Description

Open edX is a platform for large-scale digital course delivery. Conceived by

nonprofit online learning destination edX, it provides a range of authoring tools

to let educators build vibrant online learning communities.

First steps with the Open edX powered by

Bitnami

Welcome to your new Bitnami application running on Huawei Enterprise Cloud!

Here are a few questions (and answers!) you might need when first starting

with your application.

What is the administrator username set for me to log in to the

application for the first time?

Username: user@example.com

What is the administrator password?

To obtain the administrator password, click the "Remote Login" menu option

next to the server name in the Huawei Cloud Server Console. This will launch

a new browser window with an encrypted login session. The application

password will be displayed on the login welcome screen.

What SSH username should I use for secure shell access to

my application?

SSH username: root

What components are included in the Open

edX powered by Bitnami?

There are three major components included in the Open edX powered by

Bitnami:

edX Platform: Centerpiece of the Open edX architecture. It contains the

Learning Management System (LMS) and the Course Management

System (CMS), Studio.

XQueue: IDA (Independently Deployed Application) that defines an

interface for the LMS to communicate with external grader services.

Forum: IDA used by the LMS via API to integrate discussions into the

learners' course experience.

There are other components included in the Stack which are required by the

Open edX services such as RabbitMQ, MongoDB, MySQL, Memcached,

Apache or Elasticsearch.

See Open edX architecture for more information about the Open edX

structure.

Where to find the components included in Open edX Stack?

NOTE: This is the structure defined since Eucalyptus version.

Find the components mentioned before at:

edX platform: /opt/bitnami/apps/edx.

XQueue: /opt/bitnami/apps/xqueue.

Forum: /opt/bitnami/apps/forum.

How to change the Open edX configuration?

Each component included in the Open edX Stack has its own configuration

files:

The edX platform configuration files are located at

/opt/bitnami/apps/edx/conf/.

The XQueue configuration files are located at

/opt/bitnami/apps/xqueue/conf/.

The edX forum configuration files are located at

/opt/bitnami/apps/forum/conf/.

NOTE: Any modifications made in the configuration files will be loaded after

restarting the Apache server.

How to access the different services in the

Open edX Stack?

NOTE: Remember to replace the SERVER-IP placeholder in the examples

below with the actual IP address of your (edX) server.

LMS

Access the edX LMS at http://SERVER-IP.

NOTE: Use HTTPS for secure connections: https://SERVER-IP.

Studio (CMS)

To access the edX Studio, browse to http://SERVER-IP/edx-studio which

redirects you to the proper port where Studio is listening (by default, 18010).

Django Admin console

For security reasons, Django Admin console is only accessible when using

127.0.0.1 as hostname. To access it from a remote system, you must create

an SSH tunnel in order to access the Apache Web server via 127.0.0.1 in your

local machine. Follow these instructions to create an SHH tunnel and remotely

connect safely.

While the tunnel is active, you should be able to access the Django Admin

console through the secure SSH tunnel you created, by browsing to

http://127.0.0.1:LOCAL_PORT/admin.

How do the different services interact with

each other in the Open edX Stack?

Services included in the Open edX Stack interact with each other in many

different ways. This section describes how the services interact and how you

can access them.

Forum and LMS

The LMS communicates with the Forum service through an API at

http://localhost:18080 for integrating discussions into the learners' course

experience.

NOTE: This API is only accessible via localhost.

Check the edX Comments Service/Forums official documentation for more

information on this.

XQueue and LMS

The LMS can communicate with the XQueue through an HTTP POST request

to the URL http://SERVER-IP/xqueue/submit. The XQueue pushes a response

back to the LMS with an HTTP POST request to the callback URL.

XQueue and external graders

Passive graders wait for the XQueue to send them submissions. After that,

they respond synchronously with a graded response. The basic workflow

comprises the following stages:

The LMS sends messages to a particular queue.

XQueue checks its settings and finds that the queue has a URL

associated with it. XQueue forwards the message to that URL.

The passive grader receives a POST request from the XQueue and

responds synchronously with the graded response.

XQueue forwards the graded response to the callback URL the LMS

provided in its original message.

NOTE: The Bitnami Open edX Stack does not include any passiver grader.

Active graders pull messages off the XQueue and push responses back to the

XQueue. The basic workflow comprises the following stages:

The test sends messages to a particular queue.

The active grader polls the XQueue by using a REST-like interface.

When it receives a submission, it pushes a response back to the

XQueue, also using a REST-like interface.

XQueue pushes the response back to the LMS.

Check the XQueue official documentation for more information on this.

How to change the default administrator

password?

For security, it is recommended that you change the default administrator

password as soon as possible. You have two options:

If you have configured the SMTP settings, log in as an administrator

and click the "Reset Password" link. An email will be sent to your

account with the instructions to reset your password.

Go to http://SERVER-IP/admin to access the Django admin console.

Log in as the administrative user user. Then, click "Change Password"

in the upper-right corner.

How to debug Open edX errors?

NOTE: This section describes the log files location for the edX Eucalyptus

release. If you are using a prior version, find the log files at

/opt/bitnami/apps/edx/edxapp/log/.

The Open edX log files are stored at different paths depending on the service:

edX platform log files are stored at /opt/bitnami/apps/edx/var/log/.

XQueue log files are stored at /opt/bitnami/apps/xqueue/var/log/.

By default, both services are configured with a "local" log level. If you want to

increase the log level on each service in order to debug your application, you

need to follow the steps below:

Open the log configuration files with an editor. Depending on the service,

you will find that files at:

o edx platform: /opt/bitnami/apps/edx/conf/cms.env.json and

/opt/bitnami/apps/edx/conf/lms.env.json.

o XQueue: /opt/bitnami/apps/xqueue/conf/xqueue.env.json.

Substitute the value:

"LOCAL_LOGLEVEL": "INFO",

with:

"LOCAL_LOGLEVEL": "DEBUG",

Restart the Apache server to load the changes.

How to connect to the MySQL database?

You can connect to the MySQL database from the same computer where it is

installed with the mysql client tool.

mysql -u root -p

You will be prompted to enter the root user password. This is the same as the

application password.

Find out how to obtain application credentials.

How to debug errors in your database?

The main log file is created at /opt/bitnami/mysql/data/mysqld.log on the

MySQL database server host.

How to connect to the MongoDB database?

You can connect to the MongoDB database from the same computer where it

is installed. Run the mongo client authenticating as the root user against the

admin database:

mongo admin --username root -p

You will be prompted to enter the root user password. This is the same as the

application password.

Find out how to obtain application credentials.

How to debug errors in your MongoDB

database?

The main log file is created at /opt/bitnami/mongodb/log/mongodb.log on the

MongoDB database server host.

How to debug RabbitMQ errors?

To debug RabbitMQ's errors, check the log files of RabbitMQ at

/opt/bitnami/rabbitmq/var.

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and

restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without

any service name arguments to start all services:

sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the

service name as argument:

sudo /opt/bitnami/ctlscript.sh restart apache

Use this script to stop all services:

sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without

any arguments:

sudo /opt/bitnami/ctlscript.sh

How to create a full backup of Open edX?

Backup

The Open edX powered by Bitnami is self-contained and the simplest option

for performing a backup is to copy or compress the Bitnami stack installation

directory. To do so in a safe manner, you will need to stop all servers, so this

method may not be appropriate if you have people accessing the application

continuously.

Follow these steps:

Change to the directory in which you wish to save your backup:

cd /your/directory

Stop all servers:

sudo /opt/bitnami/ctlscript.sh stop

Create a compressed file with the stack contents:

sudo tar -pczvf application-backup.tar.gz /opt/bitnami

Restart all servers:

sudo /opt/bitnami/ctlscript.sh start

You should now download or transfer the application-backup.tar.gz file to a

safe location.

Restore

Follow these steps:

Change to the directory containing your backup:

cd /your/directory

Stop all servers:

sudo /opt/bitnami/ctlscript.sh stop

Move the current stack to a different location:

sudo mv /opt/bitnami /tmp/bitnami-backup

Uncompress the backup file to the original directoryv

sudo tar -pxzvf application-backup.tar.gz -C /

Start all servers:

sudo /opt/bitnami/ctlscript.sh start

If you want to create only a database backup, refer to these instructions for

MySQL and PostgreSQL.

How to configure outbound email settings?

Custom SMTP account or Gmail

Follow these steps:

Log in to the server console.

Navigate to the /opt/bitnami/apps/edx/conf directory.

Edit the files lms.env.json and cms.env.json and modify the lines below.

For example, for a Gmail account, use the settings below. Replace

USERNAME with your Gmail account username.

"EMAIL_HOST": "smtp.gmail.com",

"EMAIL_PORT": 587,

"EMAIL_USE_TLS": true,

"DEFAULT_FROM_EMAIL": "USERNAME@gmail.com",

Add the credentials to the lms.auth.json and cms.auth.json files.

Replace USERNAME and PASSWORD with your Gmail account

username and password respectively.

"EMAIL_HOST": "smtp.gmail.com",

"EMAIL_PORT": 587,

"EMAIL_USE_TLS": true,

"EMAIL_HOST_USER": "USERNAME@gmail.com",

"EMAIL_HOST_PASSWORD": "PASSWORD",

Restart the Apache server to load the changes.

To configure the application to use other third-party SMTP services for

outgoing email, such as SendGrid or Mandrill, refer to the FAQ.

Troubleshooting Gmail SMTP issues

If you are using Gmail as the outbound email server and you are not able to

send email correctly, Google may be blocking sign-in attempts from your apps

or devices. Depending on whether or not you use Google Apps, the steps to

correct this will differ.

For Google Apps users

If you are a Google Apps user, you will need your administrator to allow users

to change the policy for less secure apps. If you are a Google Apps

administrator, follow these steps:

Browse to the Google Apps administration panel.

Click on "Security" and then "Basic settings".

Look for the section "Less secure apps" and then click on "Go to

settings for less secure apps".

Select "Allow users to manage their access to less secure apps".

For other Google users

If you do not use Google Apps, follow the steps in the following sections,

depending on whether 2-step verification has been enabled on the account or

not.

If 2-step verification has not been enabled on the account, follow these steps:

Browse to the "Less secure apps" page and log in using the account you

are having problems with. This option is typically required by many

popular email clients, such as Outlook and Thunderbird, and should not

be considered unsafe.

Select the "Turn on" option.

If 2-step verification has been enabled on the account, you have to generate

an app password. Follow these steps:

Browse to the "App passwords" page.

Click "Select app" and choose the app you're using.

Click "Select device" and choose the device you're using.

Click the "Generate" button.

Enter the app password on your device.

Click the "Done" button.

Here are other options you may try:

Browse to the web version of Gmail and sign in to your account. Once

you're signed in, try to enable access for the application again.

Browse to the "Unlock Captcha" function page and sign in with your

Gmail username and password.

Disable IMAP from the Gmail web server interface and enable it again.

How to upload files to the server with SFTP?

Although you can use any SFTP/SCP client to transfer files to your server, the

link below explains how to configure FileZilla (Windows, Linux and Mac OS X),

WinSCP (Windows) and Cyberduck (Mac OS X). It is required to use your

server's private SSH key to configure the SFTP client properly. Choose your

preferred application and follow the steps in the link below to connect to the

server through SFTP.

How to upload files to the server

How to enable HTTPS support with SSL

certificates?

NOTE: The steps below assume that you are using a custom domain name

and that you have already configured the custom domain name to point to your

cloud server.

Bitnami images come with SSL support already pre-configured and with a

dummy certificate in place. Although this dummy certificate is fine for testing

and development purposes, you will usually want to use a valid SSL certificate

for production use. You can either generate this on your own (explained here)

or you can purchase one from a commercial certificate authority.

Once you obtain the certificate and certificate key files, you will need to update

your server to use them. Follow these steps to activate SSL support:

Use the table below to identify the correct locations for your certificate

and configuration files.

Variable Value

Current

application URL https://[custom-domain]/

Example: https://my-domain.com/ or

https://my-domain.com/appname

Apache

configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf

Certificate file /opt/bitnami/apache2/conf/server.crt

Certificate key file /opt/bitnami/apache2/conf/server.key

Variable Value

CA certificate

bundle file (if

present)

/opt/bitnami/apache2/conf/server-ca.crt

Copy your SSL certificate and certificate key file to the specified

locations.

NOTE: If you use different names for your certificate and key files, you should

reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the

corresponding Apache configuration file to reflect the correct file names.

If your certificate authority has also provided you with a PEM-encoded

Certificate Authority (CA) bundle, you must copy it to the correct

location in the previous table. Then, modify the Apache configuration

file to include the following line below the SSLCertificateKeyFile

directive. Choose the correct directive based on your scenario and

Apache version:

Variable Value

Apache

configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf

Directive to include

(Apache v2.4.8+)

SSLCACertificateFile

"/opt/bitnami/apache2/conf/server-ca.crt"

Directive to include

(Apache < v2.4.8)

SSLCertificateChainFile

"/opt/bitnami/apache2/conf/server-ca.crt"

NOTE: If you use a different name for your CA certificate bundle, you should

reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in

the corresponding Apache configuration file to reflect the correct file name.

Once you have copied all the server certificate files, you may make

them readable by the root user only with the following commands:

sudo chown root:root /opt/bitnami/apache2/conf/server*

sudo chmod 600 /opt/bitnami/apache2/conf/server*

Open port 443 in the server firewall. Refer to the FAQ for more

information.

Restart the Apache server.

You should now be able to access your application using an HTTPS URL.

How to create an SSL certificate?

You can create your own SSL certificate with the OpenSSL binary. A certificate

request can then be sent to a certificate authority (CA) to get it signed into a

certificate, or if you have your own certificate authority, you may sign it yourself,

or you can use a self-signed certificate (because you just want a test certificate

or because you are setting up your own CA).

Create your private key (if you haven't created it already):

sudo openssl genrsa -out /opt/bitnami/apache2/conf/server.key 2048

Create a certificate:

sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -o

ut /opt/bitnami/apache2/conf/cert.csr

IMPORTANT: Enter the server domain name when the above

command asks for the "Common Name".

Send cert.csr to the certificate authority. When the certificate authority

completes their checks (and probably received payment from you), they

will hand over your new certificate to you.

Until the certificate is received, create a temporary self-signed

certificate:

sudo openssl x509 -in /opt/bitnami/apache2/conf/cert.csr -out /opt

/bitnami/apache2/conf/server.crt -req -signkey /opt/bitnami/apach

e2/conf/server.key -days 365

Back up your private key in a safe location after generating a

password-protected version as follows:

sudo openssl rsa -des3 -in /opt/bitnami/apache2/conf/server.key -o

ut privkey.pem

Note that if you use this encrypted key in the Apache configuration file, it

will be necessary to enter the password manually every time Apache

starts. Regenerate the key without password protection from this file as

follows:

sudo openssl rsa -in privkey.pem -out /opt/bitnami/apache2/conf/se

rver.key

Find more information about certificates at http://www.openssl.org.

How to force HTTPS redirection?

Edit the configuration file /opt/bitnami/apps/edx/conf/httpd-lms.conf and find

the lines containing rewrite rules. Typically, it will look like this:

# Enable some basic redirections

RewriteEngine On

RewriteRule ^/edx-studio(/.*)? http://%{SERVER_NAME}:18010/ [R,L]

Update the above content with additional rules to force HTTPS redirection, so

that it looks like this:

# Enable some basic redirections

RewriteEngine On

RewriteRule ^/edx-studio(/.*)? http://%{SERVER_NAME}:18010/ [R,L]

# Force HTTPS redirection

RewriteCond %{HTTPS} !=on

RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

After modifying the Apache configuration files, restart Apache to apply the

changes.

How to debug Apache errors?

Once Apache starts, it will create two log files at

/opt/bitnami/apache2/logs/access_log and /opt/bitnami/apache2/logs/error_log

respectively.

The access_log file is used to track client requests. When a client

requests a document from the server, Apache records several

parameters associated with the request in this file, such as: the IP

address of the client, the document requested, the HTTP status code,

and the current time.

The error_log file is used to record important events. This file includes

error messages, startup messages, and any other significant events in

the life cycle of the server. This is the first place to look when you run

into a problem when using Apache.

If no error is found, you will see a message similar to:

Syntax OK

How to translate Open edX to my language?

Open edX uses Transifex, an open source translation platform, to power the

translation of edX software into different languages. All translations are hosted

at Transifex.com, which provides a web application allowing translators to

write, submit, and manage their translations.

In order to change the language, follow the steps below:

Sign up and join the edX platform Transifex project as a translator.

See the Transifex documentation for help with Transifex.

Create the ~/.transifexrc file and set your credentials as follows:

[https://www.transifex.com]

hostname = https://www.transifex.com

username = USER

password = PASS

token =

NOTE: Remember to replace the USER and PASS placeholders in the

previous example with your Transifex credentials.

Make sure that all languages you wish to download are present and

uncommented in the

/opt/bitnami/apps/edx/edx-patform/conf/locale/config.yaml.

Set the value of the LANGUAGE_CODE variable to the language you

desire (for example, set it to "es_es" to translate it to Spanish) in the

configuration files:

o /opt/bitnami/apps/edx/conf/cms.env.json

o /opt/bitnami/apps/edx/conf/lms.env.json

o /opt/bitnami/apps/edx/edx-platform/lms/envs/common.py

Download the translations by running the commands below:

cd /opt/bitnami/apps/edx/edx-platform

sudo /opt/bitnami/apps/edx/bin/paver.edxapp i18n_robot_pull

Download the translation for the Forum by running the commands

below:

sudo /opt/bitnami/use_edx

cd /opt/bitnami/apps/forum/cs_comments_service

cd /opt/bitnami/apps/forum/cs_comments_service

bundle install --with test

bundle exec bin/rake i18n:pull

Restart the Apache server to load the changes.

You can find more information at the Open edX Internationalization and

localization wiki page.

How to run paver, django-admin and python

commands in the Bitnami Open edX stack?

NOTE: This section describes the command location for the edX Eucalyptus

release. If you are using a prior version, find the commands at

/opt/bitnami/apps/edx/edx-platform/bin/.

Depending on the application you want to manage (edX Platform or XQueue),

there are a list of scripts available to run these commands with a

pre-configured environment for the application. The available scripts for each

application are listed below:

Option 1: edX platform

Option 2: XQueue

edX Platform

Paver and Python commands are located in the /opt/bitnami/apps/edx/bin

directory.

For example, to update your database using Python, you will need to execute

these commands:

cd /opt/bitnami/apps/edx/edx-platform

sudo /opt/bitnami/apps/edx/bin/python.edxapp ./manage.py lms syncdb --mi

grate --settings aws

sudo /opt/bitnami/apps/edx/bin/python.edxapp ./manage.py cms syncdb --mi

grate --settings aws

XQueue

Django-Admin and Python commands are located in the

/opt/bitnami/apps/xqueue/bin directory.

For example, to update your database using django-admin, you will need to

execute these commands:

sudo /opt/bitnami/apps/xqueue/bin/django-admin.xqueue syncdb --migrate -

-settings xqueue.bitnami_settings

How to enable an XBlock for a course?

For Cypress, Dogwood, Eucalyptus and higher versions of edX

Cypress and Dogwood versions include the Google Drive, MS File Storage

and Office Mix XBlocks. The Eucalyptus version includes the XBlocks below:

Acid

Crowdsource hinter

Drag and Drop v2

DoneXblock

RateXBlock

Google Drive

RecommenderXBlock

Office Mix XBlock

Staff Graded Assignment XBlock

Utils

XBlock-Poll

To install a different XBlock, follow these steps:

Log in to your server console.

Download the module.

Load the Open edX virtual environment:

source /opt/bitnami/apps/edx/venvs/edxapp/bin/activate

NOTE: Since the Eucalyptus version, the Bitnami Open edX Stack structure

has changed significantly. If you are using a prior version, load the

environment by running the command: source

/opt/bitnami/apps/edx/edx-platform/venv/bin/activate

Install the XBlock using pip:

sudo pip install /path/to/downloaded/xblock/

NOTE: The installation steps could differ depending on the XBlock. Check the

provider documentation to get more information.

Restart the Apache server to load the changes.

Next, enable the XBlock for the course, as follows:

Navigate to the course in Studio.

Click the "Settings -> Advanced settings" menu.

Specify the XBlock to use in the "Advanced Module List" area using a

comma-separated list. Note that you can find the name of the module in

the provider documentation.

You should now be able to use the extension. To check this, create a new unit

and select the "Advanced" button:

You should see the modules previously specified:

For Birch versions of edX

Follow these steps:

Enable the advanced modules. Edit the file located at

/opt/bitnami/apps/edx/edx-platform/cms/envs/common.py and set the

value of the ALLOW_ALL_ADVANCED_COMPONENTS variable to

"True".

Restart the Apache server to load the changes.

How to enable and apply a custom theme?

How to enable a custom theme for Studio?

Modify the /opt/bitnami/apps/edx/conf/cms.env.json file and set

ENABLE_COMPREHENSIVE_THEMING to "True".

Create a directory for your theme under

/opt/bitnami/apps/edx/var/themes/ and give read/write file permissions

to the daemon user:

mkdir -p /opt/bitnami/apps/edx/var/themes/THEME_NAME/cms/

sudo chown -R daemon:daemon /opt/bitnami/apps/edx/var/themes/THEM

E_NAME/cms/

NOTE: Remember to replace the THEME_NAME placeholder in the previous

commands with the name of your theme.

Add the absolute path of the themes directory to the

COMPREHENSIVE_THEME_DIRS configuration property and the

theme name to the THEME_NAME property in the

/opt/bitnami/apps/edx/conf/cms.env.json file.

Place your theme files in

/opt/bitnami/apps/edx/var/themes/THEME_NAME/cms/.

NOTE: Since the Eucalyptus version, the Bitnami Open edX Stack structure

has changed significantly. If you are using a prior version, find the themes at

/opt/bitnami/apps/edx/themes/.

Recompile Studio assets:

cd /opt/bitnami/apps/edx/edx-platform

sudo /opt/bitnami/apps/edx/bin/paver.edxapp update_assets cms --se

ttings=aws

NOTE: Since the Eucalyptus version, the Bitnami Open edX Stack structure

has changed significantly. If you are using a prior version, recompile the assets

by running the command:

/opt/bitnami/apps/edx/edx-platform/bin/paver.edxapp update_assets cms

–settings=aws

Restart the server to load the changes

How to enable a custom theme for the LMS?

Modify the /opt/bitnami/apps/edx/conf/lms.env.json file and set

ENABLE_COMPREHENSIVE_THEMING to "True".

Create a directory for your theme under

/opt/bitnami/apps/edx/var/themes/ and give read/write file permissions

to the daemon user:

mkdir -p /opt/bitnami/apps/edx/var/themes/THEME_NAME/lms/

sudo chown -R daemon:daemon /opt/bitnami/apps/edx/var/themes/THEM

E_NAME/lms/

NOTE: Remember to replace the THEME_NAME placeholder in the previous

commands with the name of your theme.

Add the absolute path of the themes directory to the

COMPREHENSIVE_THEME_DIRS configuration property and the

theme name to the THEME_NAME property in the

/opt/bitnami/apps/edx/conf/lms.env.json file.

Place your theme files in

/opt/bitnami/apps/edx/var/themes/THEME_NAME/lms/.

NOTE: Since the Eucalyptus version, the Bitnami Open edX Stack structure

has changed significantly. If you are using a prior version, find the themes at

/opt/bitnami/apps/edx/themes/.

Recompile LMS assets:

cd /opt/bitnami/apps/edx/edx-platform

sudo /opt/bitnami/apps/edx/bin/paver.edxapp update_assets lms --se

ttings=aws

NOTE: Since the Eucalyptus version, the Bitnami Open edX Stack structure

has changed significantly. If you are using a prior version, recompile the assets

by running the command:

/opt/bitnami/apps/edx/edx-platform/bin/paver.edxapp update_assets lms

–settings=aws

Restart the server to load the changes

Example of using the same theme for Studio and LMS:

Folder Structure:

-/opt/bitnami/apps/edx/var/themes/

|-my-custom-theme

|-cms

|-static

|-templates

|-lms

|-static

|-templates

lms.env.json and cms.env.json:

"ENABLE_COMPREHENSIVE_THEMING": true,

"COMPREHENSIVE_THEME_DIRS": [

"/opt/bitnami/apps/edx/var/themes/",

],

"THEME_NAME": "my-custom-theme"

How to apply a custom theme?

Access the Django administration console (check the Django Admin

Console instructions for more information).

Browse to "Theming -> Site themes -> Add site theme".

From the "Site menu", select the site you want to apply a theme to.

Enter the identifier of the theme and select "Save".

How to install CodeJail Sandbox?

CodeJail manages execution of untrusted code in secure sandboxes. It is

designed primarily for Python execution, but can be used for other languages

as well.

A CodeJail sandbox consists of several pieces:

Sandbox environment: language setup (e.g. Python) and associated

core packages.

Sandbox packages: additional packages needed for a given run.

Untrusted packages: code and data submitted by the student to be

tested on the server.

OS packages: system libraries needed to run the language (e.g.

Python).

Visit the CodeJail official documentation to learn more about CodeJail.

For Eucalyptus and higher versions of edX

Since the Eucalyptus version, a CodeJail sandbox is already included in the

Open edX Stack. You can find it under

/opt/bitnami/apps/edx/venvs/edxapp-sandbox. Despite it being already

included, there are some extra steps that must be done to enforce its security

and make it usable by the LMS. Take a look at this section in order to make it

completely operative.

For Birch, Cypress and Dogwood versions of edX

In previous versions, CodeJail was not included in the Bitnami Open edX

Stack. In order to install it, follow the steps below:

Log in to the server console and navigate to the edx-platform directory

cd /opt/bitnami/apps/edx/edx-platform/

Create a new virtualenv for the sandbox:

export BITNAMI_ROOT=/opt/bitnami

/opt/bitnami/python/bin/virtualenv venv-sandbox

Activate the virtualenv and install the requirements. You will need to

install fortran and set some environment variables:

sudo apt-get install gfortran

export BLAS=/opt/bitnami/common/lib/

export LAPACK=/opt/bitnami/common/lib/

export LDFLAGS="$LDFLAGS -shared"

source venv-sandbox/bin/activate

pip install -r requirements/edx-sandbox/base.txt

pip install -r requirements/edx-sandbox/local.txt

pip install -r requirements/edx-sandbox/post.txt

Due to how Python is configured, it is not possible to use the generated

Python binary in the sandbox virtualenv with AppArmor. So, copy the

system's Python binary to the sandbox:

cp /usr/bin/python /opt/bitnami/apps/edx/venv-sandbox/bin/python

How to enforce sandbox security?

NOTE: Since the Eucalyptus version, the Bitnami Open edX Stack structure

changed significantly. If you are using a prior version, modify the path to the

Python binary in the steps below by using:

/opt/bitnami/apps/edx/edx-platform/venv-sandbox/bin/python

Security is enforced with AppArmor. If your operating system doesn't support

AppArmor, then CodeJail won't protect the execution. You can install

AppArmor on a Debian-based OS by executing:

sudo apt-get install apparmor

Create a user for the sandbox:

sudo addgroup sandbox

sudo adduser --disabled-login sandbox --ingroup sandbox

Add permissions for the Apache daemon user to execute commands as

sandbox user:

sudo visudo -f /etc/sudoers.d/01-sandbox

The file should look like this:

daemon ALL=(sandbox) SETENV:NOPASSWD:/opt/bitnami/apps/edx/venvs

/edxapp-sandbox/bin/python

daemon ALL=(sandbox) SETENV:NOPASSWD:/usr/bin/find

daemon ALL=(ALL) NOPASSWD:/usr/bin/pkill

Create a file for AppArmor at

/etc/apparmor.d/opt.bitnami.apps.edx.venvs.edxapp-sandbox.bin.pytho

n and populate it with this content:

#include <tunables/global>

/opt/bitnami/apps/edx/venvs/edxapp-sandbox/bin/python {

#include <abstractions/base>

#include <abstractions/python>

/opt/bitnami/apps/edx/venvs/edxapp-sandbox/** mr,

# If you have code that the sandbox must be able to access, ad

d lines

# pointing to those directories:

/opt/bitnami/apps/edx/edx-platform/common/lib/sandbox-package

s/** r,

/opt/bitnami/python/lib/python2.7/** r,

/tmp/codejail-*/ rix,

/tmp/codejail-*/** wrix,

}

Add the previous file to apparmor_parser and restart the Apache server:

sudo apparmor_parser /etc/apparmor.d/opt.bitnami.apps.edx.venvs.e

dxapp-sandbox.bin.python

sudo sudo /opt/bitnami/ctlscript.sh restart apache

How to execute edX Comments Service

(Forum) tests?

You can use the rspec in order to test a setup of edX Forum for integration

tests.

Required gems installation

Before executing the tests, it's necessary to run bundle install to install some

missing gems. Install them running the commands below:

sudo /opt/bitnami/use_edx

cd /opt/bitnami/apps/forum/cs_comments_service

bundle install --with test

Test execution

To run the test suite, use:

sudo /opt/bitnami/use_edx

cd /opt/bitnami/apps/forum/cs_comments_service

bundle exec bin/rspec

How to run XQueue tests?

NOTE: This functionality is only available in the Eucalyptus version and better.

You can use the Integration Test Framework in order to test a setup of

XQueue for integration tests.

Configuration

Tests use the configuration parameters defined at

/opt/bitnami/apps/xqueue/conf/xqueue.test_env.json. Tests that require

authentication to run should raise a SkipTest exception if the authentication

information is not provided.

The Bitnami Open edX Stack is already configured to test XQueue with

RabbitMQ integration. However, you need to edit the configuration JSON file in

order to test Mathworks integration since authentication information is not

provided.

Test execution

To run the test suite, use:

sudo /opt/bitnami/apps/xqueue/bin/python.xqueue manage.py test --setting

s xqueue.test_settings --noinput

Troubleshooting

Errors sending bulk email

You may encounter errors sending bulk email from the instructor tab. This is

usually because the bulk email subsystem reqquires the lynx plaintext browser

to convert HTML email to plaintext (discussed at

https://github.com/edx/edx-platform/wiki/Bulk-Email#required-packages

).

To resolve this, install the lynx browser using the command below:

sudo apt-get install lynx