Request custom domains

[erussey]

The custom domain should be configured for both the staff interface and the public user/discovery interface.

Production Discovery interface: archives.libraries.emory.edu

Production Staff interface: archivesspace.libraries.emory.edu

Test Discovery interface: archives-test.libraries.emory.edu

Test Staff interface: archivesspace-test.libraries.emory.edu

Please also request redirects for:

archivespace.library.emory.edu (redirect to archivesspace.libraries.emory.edu)

archives.emory.edu (redirect to archives.libraries.emory.edu)

archives.library.emory.edu (redirect to archives.libraries.emory.edu)

archive.emory.edu (redirect to archives.libraries.emory.edu)

archive.library.emory.edu (redirect to archives.libraries.emory.edu)

**We do not need redirects for the test systems.

[erussey]

Do we want/need custom domains for the test system as well?

[kbowaterskelly]

I'll need to coordinate with OIT / NOC to get a bunch of CNAME records added. Because nothing is up and running at the moment, it's possible to simply submit a list and ask them to add the records vs actively managing them to avoid outages. I can't guarantee the time of response.

[kbowaterskelly]

The custom domain should be configured for both the staff interface and the public user/discovery interface.

Production Discovery interface: archives.libraries.emory.edu

Production Staff interface: archivesspace.libraries.emory.edu

Test Discovery interface: archives-test.libraries.emory.edu

Test Staff interface: archivesspace-test.libraries.emory.edu

---

@erussey Are you asking for these to just redirect to, eg, https://emory.lyrasistechnology.org/ ....? Because if not, a domain change also requires re authorizing each new URL in Shibboleth and Lyrasis will also have to issue new SSL certificates.

[erussey]

No, I am asking for them to be custom domains as has been done for Library Search and Digital Collections. So users should not see the old URLs. @tmill29 @AGCooper : we should probably develop a specific plan for this issue to avoid the confusion we all had around the last domain change ticket.

[AGCooper]

I'll look at scheduling a meeting to discuss this

[kbowaterskelly]

Changing the primary URLs for the application(s) will be negligibly difficult in the case of the PUIs.

In the case of the staff side interfaces, this will require a scheduled takedown of the application, migration to the new URL, generation of new metadata, and submission and authorization of the new metadata with Shibboleth.

In either case, Lyrasis believes they can generate the SSL certificates for us.

As far as redirects for alternate URLs go, the application may not support multi domain certificates, so this may not be feasible without a fair bit of wrangling on our part. Blake is checking with his tech lead to verify.

[kbowaterskelly]

I've updated my work estimate for this ticket. The likelihood of the work as stated being done by the end of this sprint seems pretty negligible.

[AGCooper]

Strategy meeting scheduled by Torri for 03/13.

[erussey]

Any necessary downtime is ok within the following parameters:

• Not on a Monday so as to not interfere with ASpace deploy schedules

• With at least a week notice, so archivists can be notified of the downtime

• Up to a day of downtime to allow for scheduling and testing

[kbowaterskelly]

probably a good idea to get a CI created for archivesspace, at the beginning of the project is better

[kbowaterskelly]

Maintenance window for domain switch and re authorization in Shibboleth is scheduled 3/28 12-4 EST

[jcrompton42]

@kbowaterskelly an /etc/httpd/sites.d/archivespace-redirects.conf file exists detailing all requested redirects. You'll need to update the sslcertificate directives once you have the ssl certs.

[jcrompton42]

@erussey -I've been asked to look into the DNS situation. It appears you want https://emory.lyrasistechnology.org/ to change to archives.libraries.emory.edu and https://emory.lyrasistechnology.org/staff to change to archivesspace.libaries.emory.edu? Is this correct?

My understanding of lyrasis' comments and the system is that this is not actually possible. I can have archivesspace.libraries.emory.edu rewrite to archives.libraries.emory.edu/staff but lyrasis has advised they will only be able to advertise one url on their end. please advise.

[erussey]

@jcrompton42 : Ah, ok. Let's do what you suggest...please set up the following:

• I would like https://emory.lyrasistechnology.org to change (not redirect) to archives.libraries.emory.edu

• I'm ok with the staff side url being archives.libraries.emory.edu/staff

Please do the same with test:

• I would like https://emory-dev.lyrasistechnology.org to change (not redirect) to archives-test.libraries.emory.edu

• I'm ok with the test staff side url being archives-test.libraries.emory.edu/staff

The list of redirects, then should be: [new] archivesspace.libraries.emory.edu (archives.libraries.emory.edu) [new] archivespace.libraries.emory.edu (archives.libraries.emory.edu) [new] archivesspace.library.emory.edu (archives.libraries.emory.edu)

archivespace.library.emory.edu (redirect to archives.libraries.emory.edu) archives.emory.edu (redirect to archives.libraries.emory.edu) archives.library.emory.edu (redirect to archives.libraries.emory.edu) archive.emory.edu (redirect to archives.libraries.emory.edu) archive.library.emory.edu (redirect to archives.libraries.emory.edu)

Test does not need redirects.

[tmiles2]

Alex and Beth will meet about this ticket

[jcrompton42]

@erussey Above you say that you want prod to be archives.library.emory.edu while everything rewrites to archives.libraries.emory.edu.

Did you mean you want prod to be archives.libraries.emory.edu?

[erussey]

Yes! That was an error. I've fixed it above.

[jcrompton42]

Thanks! I've created ticket INC04003331 for the redirects and opened a basecamp message to ask Blake about the main records.

[jcrompton42]

All DNS records have been created. All redirects are operational and have an SSL cert for them on cascade.library.emory.edu.

Blake has confirmed that the archives*.libraries.emory.edu names will be operational with correct SSL on Tuesday prior to the shibboleth change that afternoon.

The shibboleth ticket for Gary has an update from me to include that the new name will be archives.libraries.emory.edu rather than archivesspace.libraries.emory.edu.

[erussey]

@jcrompton42 : Just confirming that we're still good to go with the maintenance window for ASpace tomorrow, Tuesday, March 28 starting at 12pm ET.

[jcrompton42]

@erussey Yes, I spoke with @kbowaterskelly and we are good to go.

[kbowaterskelly]

Domain switch implemented and authenticated with Shibboleth. SSL certificate verified. Redirects as specified are all good except: archivespace.library.emory.edu (redirect has a typo). Corrected this.