Hi Chris On 20 February you wrote:
If you want to run it via IPV6 you will just need to set up Apache (or Nginx or whatever you have in front of plack) to support IPV6 (and the networking itself of course) and then it should work fine. There should be no tricks needed
Thanks for your answer! Meanwhile we have set up the Apache HTTP Server to support IPV6. Just for anyone who may need this information in the future I describe what we actually have done. I'm not exactly sure if everything is really necessary but however it seems to work for us. Here our instance is called "subdomain" ; IPV6 address is given as xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx ; IPV4 address is given as xxx.xxx.xxx.xxx ; we are using a X.509 certifivate from Let's Encrypt. 1. Don't deactivate IPV6 in file "/etc/sysctl.conf". # cat /proc/sys/net/ipv6/conf/all/disable_ipv6 1 2. In file "/etc/hosts" we included our IPV4 address as well as our IPV6 address. xxx.xxx.xxx.xxx subdomain.domain.xx xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx subdomain.domain.xx 3. The configuration of the Apache HTTP Server in file "/etc/apache2/sites-available/subdomain.conf" looks as follows. # Koha instance opac Apache config. # redirect http to https <VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:80 xxx.xxx.xxx.xxx:80> ServerName subdomain.domain.xx ServerAlias subdomain.domain.xx RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] </VirtualHost> <VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:8080 xxx.xxx.xxx.xxx:8080> ServerName subdomain.domain.xx ServerAlias subdomain.domain.xx RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}:8443/$1 [R,L] </VirtualHost> # OPAC <VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:443 xxx.xxx.xxx.xxx:443> SSLEngine on SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1 SSLCompression off SSLHonorCipherOrder on SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-SA- SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.xx/privkey.pem SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.xx/cert.pem SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.xx/chain.pem <IfVersion >= 2.4> Define instance "subdomain" </IfVersion> Include /etc/koha/apache-shared.conf # Include /etc/koha/apache-shared-disable.conf # Include /etc/koha/apache-shared-opac-plack.conf Include /etc/koha/apache-shared-opac.conf ServerName subdomain.domain.xx SetEnv KOHA_CONF "/etc/koha/sites/subdomain/koha-conf.xml" AssignUserID subdomain-koha subdomain-koha ErrorLog /var/log/koha/subdomain/opac-error.log # TransferLog /var/log/koha/subdomain/opac-access.log </VirtualHost> # Intranet <VirtualHost [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:8443 xxx.xxx.xxx.xxx:8443> SSLEngine on SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1 SSLCompression off SSLHonorCipherOrder on SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.xx/privkey.pem SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.xx/cert.pem SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.xx/chain.pem <IfVersion >= 2.4> Define instance "subdomain" </IfVersion> Include /etc/koha/apache-shared.conf # Include /etc/koha/apache-shared-disable.conf # Include /etc/koha/apache-shared-intranet-plack.conf Include /etc/koha/apache-shared-intranet.conf ServerName subdomain.domain.xx SetEnv KOHA_CONF "/etc/koha/sites/subdomain/koha-conf.xml" AssignUserID subdomain-koha subdomain-koha ErrorLog /var/log/koha/subdomain/intranet-error.log # TransferLog /var/log/koha/subdomain/intranet-access.log </VirtualHost> Best wishes: Michael -- Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz T 0041 (0)61 261 55 61 · E mik@adminkuhn.ch · W www.adminkuhn.ch Am 20.02.23 um 21:39 schrieb Chris Cormack:
Kia ora Michael
Chris
On 21/02/23 09:36, Michael Kuhn wrote:
Hi
Our library can access the the future virtual machine running Koha only via IPV6. I coulnd't find the terms IPV4 or IPV6 neither in https://wiki.koha-community.org/wiki/System_requirements_and_recommendations nor in the current Koha manual. Thus my question (since until now I have implemented only Koha-installations with IPV4):
Is Koha able to run just with IPV6 addresses, also when using Let's Encrypt?
Are there maybe some caveats?
Best wishes: Michael
Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha