Closed datadavev closed 3 years ago
Apache 2.4.48 is available from the PPA at https://launchpad.net/~ondrej/+archive/ubuntu/apache2
It is added by:
sudo add-apt-repository ppa:ondrej/apache2
sudo apt update
Procedure for update is basically:
After adding the PPA for apache, upgrade of apache went smoothly. However test reported:
$ sudo apache2ctl -v
Server version: Apache/2.4.48 (Ubuntu)
Server built: 2021-06-08T07:06:36
$ sudo apache2ctl -t
[Thu Jun 17 18:54:02.227047 2021] [proxy:warn] [pid 19721:tid 140686635940800] AH10249: ProxyPass/<Proxy> and ProxyPassMatch/<ProxyMatch> can't be used altogether with the same worker name (https://cn.dataone.org/); ignoring ProxyPass
The search UI operated as expected when accessing search-ucsb-1.dataone.org
however, the UI reported an error after switching DNS for search.dataone.org
back to search-ucsb-1
:
Error details: // The path to your configuration file for MetacatUI. This can be any web-accessible location. var appConfigPath = "/js/themes/dataone/config.js";
Determined this error was a consequence of the ProxyPass
warning preventing connection by the client to the CN. The ProxyPass statements were adjusted to:
ProxyPassMatch "^/cn/v1/(.*)" "https://cn.dataone.org/cn/v1/$1"
ProxyPassReverse "/cn/v1/" "https://cn.dataone.org/cn/v1/"
ProxyPassMatch "^/cn/v2/(.*)" "https://cn.dataone.org/cn/v2/$1"
ProxyPassReverse "/cn/v2/" "https://cn.dataone.org/cn/v2/"
After restarting apache, the UI operated as expected.
Note: Minor issue to follow up on - the multiple ProxyPassMatch
can likely be merged to a single, why were they explicitly separate originally?
The latest version of apache available through Ubuntu channels is 2.4.29 which although is stables and receives backports for security, triggers notification from UCSB scanners.
This issue documents the upgrade of apache on search.dataone.org to use the latest apache release, currently 2.4.48.