KOA EDX & Blockstore 설치 (DB용)

## EDX용 DB서버 설치 
(EDX와 호환성을 위해 EDX 설치 스크립트로 설치)

- 인스턴스명 : EC2-AN2-OpenEDX-XXX
- EIP : 3.XXX.XXX.XXX
- 디스크용량: 480GB
- OS : Ubuntu 20.04

1. 사전 설정 (Ubuntu20.04 설치, ubuntu 계정으로 설치)
   - $ sudo apt update
   - $ sudo apt upgrade

   - sshd_config 파일에 PasswordAuthentication 설정 변경 (키 방식 -> 암호 로그인 방식으로 변경)
       : $ sudo vi /etc/ssh/sshd_config
       : PasswordAuthentication yes 로 변경
       : $ sudo service sshd restart

   - 유저 비밀번호를 설정합니다.
      : $ sudo passwd USERNAME (ubuntu)
      : 패스워드 입력

   - 환경 변수 설정
      : export OPENEDX_RELEASE=open-release/koa.master

   - /home/ubuntu# 홈폴더에 - config.yml 파일 생성 및 복사 (DB서버 IP확인 후 입력)
      ---------------------------------------
      : EDXAPP_LMS_BASE: "3.XXX.XXX.XXX"
      : EDXAPP_CMS_BASE: "3.XXX.XXX.XXX:18010"
      ---------------------------------------

   - my-passwords.yml (암호 통일) 를 Ubuntu 홈폴더에 복사 (별도 제공)


2. Ansible 설치
   - wget https://raw.githubusercontent.com/edx/configuration/$OPENEDX_RELEASE/util/install/ansible-bootstrap.sh -O - | sudo -E bash


3. Open edX KOA 설치 (120분 소요 예상)
   - wget https://raw.githubusercontent.com/edx/configuration/$OPENEDX_RELEASE/util/install/native.sh -O - | bash
   - 중간에 장애 or 재실행 명령어 (홈폴더에서 실행)
     : $ bash  /var/tmp/configuration/util/install/native.sh -vvv


4. KOA 초기 계정 생성 및 설정 (staff 계정 생성)
   - $ sudo su edxapp -s /bin/bash
   - $ cd
   - $ source edxapp_env
   - $ /edx/bin/manage.edxapp lms manage_user staff staff@example.com --staff --superuser --settings=production

   - 암호 재설정
      $ cd /edx/app/edxapp/edx-platform
      $ ./manage.py lms --settings production changepassword staff


5. BlockStore 설치 (Ubuntu 20.04 설치, ubuntu 계정으로 설치)
   - config.yml 파일 재생성 (Blockstore 내용 추가 / 별도 제공)
      --------------------------------------------------------------------------------------------------------------------
      EDXAPP_LMS_BASE: "3.XXX.XXX.XXX"
      EDXAPP_CMS_BASE: "3.XXX.XXX.XXX:18010"
      # Run blockstore, and expose it publicly at 'blockstore.openedx-example.com'

      SANDBOX_ENABLE_BLOCKSTORE: true
      # #BLOCKSTORE_NGINX_HOSTNAME: 'blockstore.*'
      BLOCKSTORE_NGINX_PORT: 80
      BLOCKSTORE_SSL_NGINX_PORT: 443
      BLOCKSTORE_SECRET_KEY: "Uy7RZZj0C2gtL1ky5YY6QbOFIqvT2dQKztlKDHKpphqXc3OOE0MD091AbjNjbCSmxiEuPrtOqYYqHJSnACVejNKexIvvToYzcWxn"

      # #BLOCKSTORE_DATABASE_HOST: mysql.openedx-example.com
      # #BLOCKSTORE_DATABASE_USER: blockstore_user
      # #BLOCKSTORE_DATABASE_PASSWORD: secretvalue3here
      # #BLOCKSTORE_DEFAULT_DB_NAME: my_openedx_blockstore
      #
      # # Use S3 for blockstore data (optional but recommended):
      # #BLOCKSTORE_SERVICE_CONFIG_OVERRIDES:
      # #    DEFAULT_FILE_STORAGE: storages.backends.s3boto3.S3Boto3Storage
      # #    AWS_ACCESS_KEY_ID: AKIAWABCDEFGHIJKLMNOPQRS
      # #    AWS_SECRET_ACCESS_KEY: secretvalue4here
      # #    AWS_STORAGE_BUCKET_NAME: blockstore-bucket
      #

      # # Configure LMS/Studio to access Blockstore:
      EDXAPP_BLOCKSTORE_API_URL: "http://3.XXX.XXX.XXX:18250/api/v1/"
      EDXAPP_LMS_ENV_EXTRA:
          BLOCKSTORE_API_AUTH_TOKEN: "Uy7RZZj0C2gtL1ky5YY6QbOFIqvT2dQKztlKDHKpphqXc3OOE0MD091AbjNjbCSmxiEuPrtOqYYqHJSnACVejNKexIvvToYzcWxn"
      EDXAPP_CMS_ENV_EXTRA:
          BLOCKSTORE_API_AUTH_TOKEN: "Uy7RZZj0C2gtL1ky5YY6QbOFIqvT2dQKztlKDHKpphqXc3OOE0MD091AbjNjbCSmxiEuPrtOqYYqHJSnACVejNKexIvvToYzcWxn"
      ---------------------------------------------------------------------------------------------------------------------

   - sudo vi /var/tmp/configuration/playbooks/roles/blockstore/meta/main.yml
     : edx_django_service_default_db_conn_max_age: 60 수정

   - sudo vi /var/tmp/configuration/playbooks/roles/mysql/defaults/main.yml
     : 5.7.33 -> 5.7.34 수정  (이미 변경되어 있으면 안해도 됨)

   - 우분투 홈폴더에서 실행
     : $ export OPENEDX_RELEASE=open-release/koa.master
     : $ bash /var/tmp/configuration/util/install/native.sh -vvv

   - 추가 설정
     : sudo vi /edx/etc/studio.yml  아래 내용 찾아서 신규 추가
       FEATURES:
       ENABLE_LIBRARY_AUTHORING_MICROFRONTEND: true

     : sudo /edx/etc/lms.yml 값과 동일하게 /edx/etc/studio.yml 수정 (매번 다름)
      ---------------------------------------------------------------------------------------------------------------------
       JWT_PRIVATE_SIGNING_JWK: '{"kty": "RSA", "kid": "N1V6CA6T", "n": "wFcINpIDL74jVIzkofwutRjYK--NwXNAwsdsEBcbUqBXcizx_TD7ZlDz_B4GA_u-POFdoX8UXe9Rsr5fChcrURh7LNUkT1vpQVoHfLYS1FFxEHu1aT4QNVItBYJGF3X5umcHbGYhB16brVPBTV8IpNi5h3YflA8CQShYS0AhWtNeVYXivHPZyCoiWJh6ITvgIljArpGPu5CBIN1S-mBn3uabHP1GV6GTmoxhKzmiIKpicJsKjrdROxGOnA6S2oZStEy9V7a8_rdUxhz7wNHAb3iGbytljrji8e35RKaP-c0TskPGhleuql-fTeI6W-Awtu0FYbN1fXS3UwnfQjAkIw",
           "e": "AQAB", "d": "BOUhM8OD9cZcpS19Ih4gmSAup4fVq5ifsQvvtwj_-3TpCYfgxVYqS4nxAr84vzTpaVXFOKSmSU-5tsRo6GMKY_l4YUkZZK0utZILuwd5d2FvHfKKZudPuJWQBTxfF-IsJG9pAQs3S-q_ZKZStvK0QMK1u3nszpTdrPhQn6aYf-V5tWrhOmo2Hco5XQWhZXfqP6qDfsV22oYBYzqoQwpsf1C5wt0fYBXlo72JfgG801CSq95ZxSjeMyAbjPOIoBh5pUPc-jgFIHgxKBNAdkhmzXLhwLd9ejOSXCzfDbqDQWZBaBZU7x8x10E3p45yKqXd283ej3S_MvblB5x-ng3pNQ",
           "p": "yjtEWjoc0K64FmMNtEym5VaBxZjocTV6qn7HvuLuCqojqc-XdHMX2lIq6ntodEniOhNnpCH09Q4uawrEiLW8lbIWr1Bx_28CXqLjE9yWTDnN_zDiy-WN7kbilaOJiKVd6dGv_b3-859dUl2Dwh5Tcu35KkDS6iPDI0G7uHxi4r8",
           "q": "83qBOthw5J1lKFIYPXdQe5y3MrhNeCSd3f3UfRDDohyEaHvIHPXTlC-XwdjksWP1dea066Fmy8mLSo2EEWDYFEqXeMPNlloa5_Ln6pcb1h7BRZmBwwStm4Jpf85AHtuwcntd5OZtkwJXd5xpITjvgz6mXLXcFmcZp-gsB3DLK50"}'
       JWT_PUBLIC_SIGNING_JWK_SET: '{"keys": [{"kty": "RSA", "kid": "N1V6CA6T", "n":
           "wFcINpIDL74jVIzkofwutRjYK--NwXNAwsdsEBcbUqBXcizx_TD7ZlDz_B4GA_u-POFdoX8UXe9Rsr5fChcrURh7LNUkT1vpQVoHfLYS1FFxEHu1aT4QNVItBYJGF3X5umcHbGYhB16brVPBTV8IpNi5h3YflA8CQShYS0AhWtNeVYXivHPZyCoiWJh6ITvgIljArpGPu5CBIN1S-mBn3uabHP1GV6GTmoxhKzmiIKpicJsKjrdROxGOnA6S2oZStEy9V7a8_rdUxhz7wNHAb3iGbytljrji8e35RKaP-c0TskPGhleuql-fTeI6W-Awtu0FYbN1fXS3UwnfQjAkIw",
           "e": "AQAB"}]}'
       JWT_SECRET_KEY: oc8bdwhjgs64U10V2TCTaYR3HrRi3zxUJHBzCUFoJxyje7HrN3p46G3kYQOX7Op4NPCRFdLvvHfaqbA2AVnnsSyTYwDo32uiDakW
       JWT_SIGNING_ALGORITHM: RS512
      -----------------------------------------------------------------------------------------------------------------

   - API 호출을 인증하고 만들 때, 사용할 edx 플랫폼용 서비스 사용자 생성
     : $ sudo su blockstore -s /bin/bash -c "source /edx/app/blockstore/blockstore_env && echo \"from django.contrib.auth import get_user_model; from rest_framework.authtoken.models import Token; User = get_user_model(); edxapp_user, _ = User.objects.get_or_create(username='edxapp'); Token.objects.get_or_create(user=edxapp_user, key='edxapp-insecure-devstack-key')\" | python /edx/app/blockstore/blockstore/manage.py shell"

   - Key 사용을 위한 LMS 및 Studio 구성 (각 2번 실행)
     : $ sudo su edxapp -s /bin/bash -c "grep BLOCKSTORE_API_AUTH_TOKEN /edx/app/edxapp/edx-platform/lms/envs/private.py || echo BLOCKSTORE_API_AUTH_TOKEN = \'edxapp-insecure-devstack-key\' >> /edx/app/edxapp/edx-platform/lms/envs/private.py"
     : $ sudo su edxapp -s /bin/bash -c "grep BLOCKSTORE_API_AUTH_TOKEN /edx/app/edxapp/edx-platform/cms/envs/private.py || echo BLOCKSTORE_API_AUTH_TOKEN = \'edxapp-insecure-devstack-key\' >> /edx/app/edxapp/edx-platform/cms/envs/private.py"

   - 새로운 컨텐츠 라이브러리 / xblock을 생성 할 수 있는 "컬렉션"을 생성
     : $ sudo su blockstore -s /bin/bash -c  "source /edx/app/blockstore/blockstore_env  && echo \"from blockstore.apps.bundles.models import Collection; coll, _ = Collection.objects.get_or_create(title='Devstack Content Collection', uuid='11111111-2111-4111-8111-111111111111')\" | python /edx/app/blockstore/blockstore/manage.py shell"
     : $ sudo su edxapp -s /bin/bash -c  "source /edx/app/edxapp/edxapp_env && echo \"from organizations.models import Organization; Organization.objects.get_or_create(short_name='DeveloperInc', defaults={'name': 'DeveloperInc', 'active': True})\" | python /edx/app/edxapp/edx-platform/manage.py  cms shell "

   - CORS (교차 출처 리소스 공유) 설정, 두 곳에 마지막줄 아래 내용 추가
     : sudo vi /edx/app/edxapp/edx-platform/cms/envs/production.py
       --------- Settings for brand logos --------------
       CORS_ALLOW_CREDENTIALS = True
       CORS_ORIGIN_ALLOW_ALL = True
       ------------------------------------------------

     : sudo vi studio.yml 파일에서 확인 (이미 true)
       FEATURES ['ENABLE_CORS_HEADERS'] = True

     : sudo vi /edx/app/edxapp/edx-platform/lms/envs/production.py
       --------- Settings for brand logos --------------
       CORS_ALLOW_CREDENTIALS = True
       CORS_ORIGIN_ALLOW_ALL = True
      ------------------------------------------------

     : sudo vi lms.yml 파일에서 확인 (이미 true)
       FEATURES ['ENABLE_CORS_HEADERS'] = True

   - BlockStore 링크 연동
     : sudo su edxapp -s /bin/bash -c  "ln -s /edx/app/edxapp/edx-platform/lms/static/xmodule_js /edx/var/edxapp/staticfiles/xmodule_js"
     : sudo su blockstore -s /bin/bash -c  "ln -s /edx/app/blockstore/blockstore/blockstore/media /edx/var/blockstore/media"
     : sudo su blockstore -s /bin/bash -c  "mkdir /edx/app/blockstore/blockstore/blockstore/media"
     : sudo chmod 777 /edx/app/blockstore/blockstore/blockstore/media


6. BlockStore Frontend 설치
   - mkdir workspace  (우분투 홈폴더에서 실행)
   - cd workspace
   - git clone http://3.XXX.XXX.XXX:1114/fox0807/frontend-app-library-authoring
   - cd frontend-app-library-authoring
   - url 수정 : .env
     : vi .env  (LMS 및 기타 18000 포트 제거)
     : :%s/localhost/3.XXX.XXX.XXX/g   (localhost 를 IP로 일괄 변경)
   - make requirements
   - npm audit fix
   - npm run build
   - sudo npm install forever -g

   - cd /home/ubuntu/workspace/frontend-app-library-authoring
     : $ sudo forever start server.js  (forever 실행)
     : $ sudo forever list  (정상여부 확인)
     : $ sudo forever stop 0  (forever 중지)

   - sudo vi /etc/nginx/sites-enabled/blockstore 수정
     : listen 80; ---> listen 18250; 변경

   - Nginx 및 EDX 서비스 재시작
     : sudo systemctl restart nginx
     : sudo /edx/bin/supervisorctl restart all

   - Blockstore 접속 테스트 (http://IP:3001/)









.