Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1.  Update and install system dependencies
    Code Block
    sudo apt-get update -y
    sudo apt-get install -y build-essential software-properties-common \
                            python-software-properties curl git-core \
                            libxml2-dev libxslt1-dev libfreetype6-dev \
                            python-pip python-apt python-dev \
                            libxmlsec1-dev swig libmysqlclient-dev
    sudo pip install --upgrade pip
    sudo pip install --upgrade virtualenv

  2. Clone the edx configuration repository and install edX and e-commerce

    Code Block
    cd /var/tmp
    git clone
    cd /var/tmp/configuration
    sudo pip install -r requirements.txt
    sudo pip install setuptools --upgrade
    cd /var/tmp/configuration/playbooks
    nano -w edx_sandbox.yml

    Inside the edx_sandbox.yml file, change the SANDBOX_ENABLE_ECOMMERCE flag from False to True.

    Code Block
    sudo ansible-playbook -c local edx_sandbox.yml -i "localhost,"

  3. Create a superuser account

    Code Block
    cd /edx/app/edxapp/edx-platform
    sudo -u www-data /edx/bin/python.edxapp ./ lms --settings awsproduction create_user -s -p edx -e
    sudo -u www-data /edx/bin/python.edxapp ./ lms --settings awsproduction changepassword user
    sudo -u www-data /edx/bin/python.edxapp ./ lms --settings awsproduction shell
    from django.contrib.auth.models import User
    me = User.objects.get(username="user")
    me.is_superuser = True
    me.is_staff = True

    NOTE: The username for this account will be the first half of the email address provided in line 2 (the user part). As such, "user" in lines 2, 3, and 7 should all be identical. In line 6, User is to be entered exactly as listed as that's referencing a Django model and not an explicit user.

  4. Configure edX

    1. Edit /edx/app/edxapp/lms.env.json (replacing <server> with the IP address or URL of your server)

      1. Change flag FEATURES['ENABLE_OAUTH2_PROVIDER'] to true
      2. Change flag OAUTH_ENFORCE_SECURE to false if not using SSL; also change https to http for the remaining items.
      3. Change flag JWT_ISSUER to "https://<server>:80/oauth2"
      4. Change OAUTH_OIDC_ISSUER to "https://<server>:80/oauth2"
      5. Change ECOMMERCE_API_URL to "http://<server>:18130/api/v2"
      6. Change ECOMERCE_PUBLIC_URL_ROOT to "http://<server>:18130"
      7. Change JWT_AUTH [ JWT_ISSUER ] to "https://<server>:80/oauth2"
      8. Change CMS_BASE to "<server>:18010"
      9. Change PREVIEW_LMS_BASE to "preview.<server>:18020"
      10. Change LMS_BASE to "<server>:80"
      11. Change LMS_ROOT_URL to "https://<server>:80"

    2. Restart edxapp processes

      Code Block
      sudo /edx/bin/supervisorctl restart edxapp:

    3. Create and register the client with OIDC/OAUTH
      1. Browse to <server>/admin/oauth2/client/1/ and log into the Django administration panel using the superuser username and password created earlier
        1. User: select the user we created earlier
        2. URL is http://<server>:18130/
        3. Redirect Url is https://<server>:18130/complete/edx-oidc/ (change to http is not using SSL)
        4. Client type is Confidential (Web applications)
        5. Logout URI: http://<server>:18130/logout/
        6. Note or change the Client ID and Client Secret. You will need this for the site configuration
      2. Browse to <server>/admin/edx_oauth2_provider
        1. Add trusted client
        2. From the drop-down menu, select the redirect URL you just entered

    4. Instruct the LMS to use Otto e-commerce (the one we're setting up)
      1. Browse to <server>/admin/commerce/commerceconfiguration and log into the Django administration panel using the superuser username and password created earlier
      2. Click the Add commerce configuration button in the upper right-hand corner
      3. In the Add commerce configuration screen, check the boxes for Enabled and Checkout on e-commerce service. Then click the save button in the lower right-hand corner.

  5. Configure e-commerce

    1. Site configuration

      Code Block
      sudo su ecommerce -s /bin/bash
      cd ~/ecommerce
      source ../ecommerce_env
      python makemigrations
      python migrate
      python create_or_update_site \
                       --site-id=1 \
                       --site-domain=<server:18130 or url> \
                       --partner-code=edX \
                       --partner-name='Open edX' \
                       --lms-url-root=http://<server or url> \
                       --payment-processors=cybersource,paypal \
                       --client-id=<change to OIDC client ID> \
                       --client-secret=<change to OIDC client secret> \
                       --discovery_api_url=http://<discovery url>

      change payment-processors to the name of the processor(s) you are using.


      For site-domain it is important to not include the http:// or https://

    2. Edit /edx/etc/ecommerce.yml (replacing <server> with your server's IP or url)

      1. Change COMMERCE_API_URL to http://<server>:80/api/commerce/v1/
      2. Change COURSE_CATALOG_API_URL to  http://<server>:8008/api/v1/
      3. Change ECOMMERCE_URL_ROOT to http://<server>:18130
      4. Change ENROLLMENT_API_URL to http://<server>:80/api/enrollment/v1/enrollment
      5. Change JWT_AUTH / JWT_ISSUERS (preserving the ecommerce_worker entry) to http://<server>:80/oauth2
      6. Change LMS_DASHBOARD_URL to http://<server>:80/dashboard
      7. Change LMS_HEARTBEAT_URL to http://<server>:80/heartbeat
      8. Change LMS_URL_ROOT to http://<server>:80
      9. Change OAUTH2_PROVIDER_URL to http://<server>:80/oauth2
      10. Change SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL to http://<server>:80/logout
      11. Change SOCIAL_AUTH_EDX_OIDC_URL_ROOT to http://<server>:80/oauth2

    3. If you do not have SSL set up, edit /edx/app/ecommerce/ecommerce/ecommerce/settings/

      1. Just after the from ecommerce.settings.logger import get_logger_config line, add the following

        1. DEBUG = True


          Besides for creating http instead of https in the build_ecommerce_url function, what else does setting the DEBUG flag to True do?

    4. Payment Processor configuration - PayPal


      You will need to add a REST API application to your PayPal account. More information on how to do this can be found at the PayPal Developer Documentation site. You will need the API Credentials to fill in the appropriate sections below.

      1. Edit /edx/etc/ecommerce.yml (Note that PayPal sandbox and live settings uses different ID and secret values)

        1. cancel_url: http://<server>:80/commerce/checkout/cancel/
        2. client_id: (your PayPal REST application client ID)
        3. client_secret: (your PayPal REST application secret)
        4. error_url: http://<server>:80/commerce/checkout/error/
        5. mode: (either sandbox for testing or live for production use)
        6. receipt_url: http://<server>:80/commerce/checkout/receipt/

    5. Restart e-commerce and edxapp processes

      Code Block
      sudo /edx/bin/supervisorctl restart edxapp: ecommerce: