24 Apr, 2020
Looking into Apache in 2020 and the first thing I discovered was the event worker module. If you are used to Nginx you'll think of it as a fast non-blocking, event based server and you might recall Apache as slow and thread or process based. With the event worker (the default on Debian/Ubuntu now), Apache also uses an event loop and claims similar performance to Nginx.
Here I'm setting up Apache from Buster Backports on a Raspberry Pi 4 with mod_md to automatically set up SSL certificates for free.
The version of Apache that comes with Debian stable doesn't have a recent enough version of mod_md to support Lets Encrypt:
pi@planck:~ $ apt search apache2
Sorting... Done
Full Text Search... Done
apache2/stable 2.4.38-3+deb10u4 armhf
Apache HTTP Server
We need 2.4.40 or above for Lets Encrypt ACME 2.0 support. We can install it from Buster Backports.
https://community.letsencrypt.org/t/debian-10-buster-howto-use-mod-md-after-acmev1-deactivation/106167
First add the Buster Backports repository and key:
echo "deb http://deb.debian.org/debian buster-backports main" | sudo tee /etc/apt/sources.list.d/buster-backports.list
wget http://ftp.uk.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2021.1.1_all.deb
sudo dpkg -i debian-archive-keyring_2021.1.1_all.deb
rm debian-archive-keyring_2021.1.1_all.deb
sudo apt update
The apt tool will install from the repository with the highest priority, and will choose the highest numbered version of the package in that repository. You can see by running the command below that the backports repo has a priority of 100 and the others are 500, so by default the backports are ignored:
pi@planck:~ $ apt-cache policy
Package files:
100 /var/lib/dpkg/status
release a=now
500 http://archive.raspberrypi.org/debian buster/main armhf Packages
release o=Raspberry Pi Foundation,a=testing,n=buster,l=Raspberry Pi Foundation,c=main,b=armhf
origin archive.raspberrypi.org
100 http://deb.debian.org/debian buster-backports/main armhf Packages
release o=Debian Backports,a=buster-backports,n=buster-backports,l=Debian Backports,c=main,b=armhf
origin deb.debian.org
500 http://raspbian.raspberrypi.org/raspbian buster/rpi armhf Packages
release o=Raspbian,a=stable,n=buster,l=Raspbian,c=rpi,b=armhf
origin raspbian.raspberrypi.org
500 http://raspbian.raspberrypi.org/raspbian buster/non-free armhf Packages
release o=Raspbian,a=stable,n=buster,l=Raspbian,c=non-free,b=armhf
origin raspbian.raspberrypi.org
500 http://raspbian.raspberrypi.org/raspbian buster/contrib armhf Packages
release o=Raspbian,a=stable,n=buster,l=Raspbian,c=contrib,b=armhf
origin raspbian.raspberrypi.org
500 http://raspbian.raspberrypi.org/raspbian buster/main armhf Packages
release o=Raspbian,a=stable,n=buster,l=Raspbian,c=main,b=armhf
origin raspbian.raspberrypi.org
Pinned packages:
Now pin the Apache packages we need to use Buster Backports:
cat << EOF | sudo tee -a /etc/apt/preferences.d/99debian-backports
Package: apache2
Pin: release a=buster-backports
Pin-Priority: 900
Package: apache2-bin
Pin: release a=buster-backports
Pin-Priority: 900
Package: apache2-data
Pin: release a=buster-backports
Pin-Priority: 900
Package: apache2-utils
Pin: release a=buster-backports
Pin-Priority: 900
EOF
You might also choose to pin other Apache 2 dependencies, but I've just chosen these for now.
You can see we'll get the newer versions chosen now at the end of the output:
pi@planck:~ $ apt-cache policy
...
Pinned packages:
apache2-data -> 2.4.46-4~bpo10+1 with priority 900
apache2-bin -> 2.4.46-4~bpo10+1 with priority 900
apache2 -> 2.4.46-4~bpo10+1 with priority 900
apache2-utils -> 2.4.46-4~bpo10+1 with priority 900
Install Apache2 and check:
sudo apt install -y apache2
pi@planck:~ $ apache2 -v
Server version: Apache/2.4.46 (Debian)
Server built: 2021-01-20T07:40:46
You can now see the default Apache pages and follow the usual instructions.
See Cron Update for a very simple way to keep these Apache packages and others up to date.
Be the first to comment.
Copyright James Gardner 1996-2020 All Rights Reserved. Admin.