Re: [Koha] Koha and IPV6

Fri, 28 Apr 2023 04:33:24 -0700 

Hi Chris

On 20 February you wrote:

> If you want to run it via IPV6 you will just need to set up Apache (or
> Nginx or whatever you have in front of plack) to support IPV6 (and the
> networking itself of course) and then it should work fine.
> There should be no tricks needed

Thanks for your answer!
Meanwhile we have set up the Apache HTTP Server to support IPV6. Just for anyone who may need this information in the future I describe what we actually have done. I'm not exactly sure if everything is really necessary but however it seems to work for us.
Here our instance is called "subdomain" ; IPV6 address is given as xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx ; IPV4 address is given as xxx.xxx.xxx.xxx ; we are using a X.509 certifivate from Let's Encrypt. 


1. Don't deactivate IPV6 in file "/etc/sysctl.conf".

 # cat /proc/sys/net/ipv6/conf/all/disable_ipv6
 1
2. In file "/etc/hosts" we included our IPV4 address as well as our IPV6 address. 

 xxx.xxx.xxx.xxx subdomain.domain.xx
 xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx subdomain.domain.xx
3. The configuration of the Apache HTTP Server in file "/etc/apache2/sites-available/subdomain.conf" looks as follows. 


# Koha instance opac Apache config.

# redirect http to https
<VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:80 xxx.xxx.xxx.xxx:80> 
   ServerName subdomain.domain.xx
   ServerAlias subdomain.domain.xx
   RewriteEngine On
   RewriteCond %{HTTPS} !=on
   RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:8080 xxx.xxx.xxx.xxx:8080> 
   ServerName subdomain.domain.xx
   ServerAlias subdomain.domain.xx
   RewriteEngine On
   RewriteCond %{HTTPS} !=on
   RewriteRule ^/?(.*) https://%{SERVER_NAME}:8443/$1 [R,L]
</VirtualHost>

# OPAC
<VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:443 xxx.xxx.xxx.xxx:443> 
  SSLEngine on
  SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1
  SSLCompression off
  SSLHonorCipherOrder on
SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-SA- SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.xx/privkey.pem SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.xx/cert.pem SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.xx/chain.pem 

  <IfVersion >= 2.4>
   Define instance "subdomain"
  </IfVersion>
   Include /etc/koha/apache-shared.conf
#  Include /etc/koha/apache-shared-disable.conf
#  Include /etc/koha/apache-shared-opac-plack.conf
   Include /etc/koha/apache-shared-opac.conf

   ServerName subdomain.domain.xx
   SetEnv KOHA_CONF "/etc/koha/sites/subdomain/koha-conf.xml"
   AssignUserID subdomain-koha subdomain-koha

   ErrorLog    /var/log/koha/subdomain/opac-error.log
#  TransferLog /var/log/koha/subdomain/opac-access.log
</VirtualHost>

# Intranet
<VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:8443 xxx.xxx.xxx.xxx:8443> 
  SSLEngine on
  SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1
  SSLCompression off
  SSLHonorCipherOrder on
SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.xx/privkey.pem SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.xx/cert.pem SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.xx/chain.pem 

  <IfVersion >= 2.4>
   Define instance "subdomain"
  </IfVersion>
   Include /etc/koha/apache-shared.conf
#  Include /etc/koha/apache-shared-disable.conf
#  Include /etc/koha/apache-shared-intranet-plack.conf
   Include /etc/koha/apache-shared-intranet.conf

   ServerName subdomain.domain.xx
   SetEnv KOHA_CONF "/etc/koha/sites/subdomain/koha-conf.xml"
   AssignUserID subdomain-koha subdomain-koha

   ErrorLog    /var/log/koha/subdomain/intranet-error.log
#  TransferLog /var/log/koha/subdomain/intranet-access.log
</VirtualHost>


Best wishes: Michael
--
Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis
Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz
T 0041 (0)61 261 55 61 · E m...@adminkuhn.ch · W www.adminkuhn.ch



Am 20.02.23 um 21:39 schrieb Chris Cormack:

Kia ora Michael


Chris

On 21/02/23 09:36, Michael Kuhn wrote:

Hi
Our library can access the the future virtual machine running Koha only via IPV6. I coulnd't find the terms IPV4 or IPV6 neither in https://wiki.koha-community.org/wiki/System_requirements_and_recommendations nor in the current Koha manual. Thus my question (since until now I have implemented only Koha-installations with IPV4):
Is Koha able to run just with IPV6 addresses, also when using Let's Encrypt? 

Are there maybe some caveats?

Best wishes: Michael

_______________________________________________

Koha mailing list  http://koha-community.org
Koha@lists.katipo.co.nz
Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha



_______________________________________________

Koha mailing list  http://koha-community.org
Koha@lists.katipo.co.nz
Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha

Reply via email to