Oracle APEXの環境作成
ubuntu@ordsmcp2:~$ sh prepare-ubuntu.sh
ubuntu@ordsmcp2:~$ sh prepare-ubuntu.sh
IS_ADB = false
INSTALL_APEX = true
50 packages can be upgraded. Run 'apt list --upgradable' to see them.
The following NEW packages will be installed:
hwdata libnuma1 libpython3.12t64 libslang2 libtraceevent1 linux-headers-6.17.0-1009-oracle linux-image-6.17.0-1009-oracle
linux-modules-6.17.0-1009-oracle linux-modules-extra-6.17.0-1009-oracle linux-oracle-6.17-headers-6.17.0-1009
linux-oracle-6.17-tools-6.17.0-1009 linux-tools-6.17.0-1009-oracle linux-tools-common wireless-regdb
The following packages will be upgraded:
bsdutils coreutils curl eject fdisk fwupd intel-microcode libblkid1 libcurl3t64-gnutls libcurl4t64 libfdisk1 libfreetype6
libfwupd2 libmount1 libnftables1 libnss3 libpam-systemd libpython3.12-minimal libpython3.12-stdlib libsmartcols1 libssh-4
libsystemd-shared libsystemd0 libudev1 libuuid1 linux-base linux-headers-oracle linux-image-oracle linux-oracle mount nftables
openssh-client openssh-server openssh-sftp-server pollinate python3-cryptography python3-jwt python3.12 python3.12-minimal
snapd sudo systemd systemd-dev systemd-resolved systemd-sysv systemd-timesyncd ubuntu-drivers-common udev util-linux xxd
50 upgraded, 14 newly installed, 0 to remove and 0 not upgraded.
43 standard LTS security updates
Need to get 282 MB of archives.
After this operation, 333 MB of additional disk space will be used.
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 75256 files and directories currently installed.)
Preparing to unpack .../bsdutils_1%3a2.39.3-9ubuntu6.5_amd64.deb ...
Unpacking bsdutils (1:2.39.3-9ubuntu6.5) over (1:2.39.3-9ubuntu6.4) ...
Setting up bsdutils (1:2.39.3-9ubuntu6.5) ...
(Reading database ... 75256 files and directories currently installed.)
Preparing to unpack .../coreutils_9.4-3ubuntu6.2_amd64.deb ...
Unpacking coreutils (9.4-3ubuntu6.2) over (9.4-3ubuntu6.1) ...
Setting up coreutils (9.4-3ubuntu6.2) ...
[中略]
Preparing to unpack .../10-git_1%3a2.43.0-1ubuntu7.3_amd64.deb ...
Unpacking git (1:2.43.0-1ubuntu7.3) ...
Selecting previously unselected package libslirp0:amd64.
Preparing to unpack .../11-libslirp0_4.7.0-1ubuntu3_amd64.deb ...
Unpacking libslirp0:amd64 (4.7.0-1ubuntu3) ...
Selecting previously unselected package patch.
Preparing to unpack .../12-patch_2.7.6-7build3_amd64.deb ...
Unpacking patch (2.7.6-7build3) ...
Selecting previously unselected package slirp4netns.
Preparing to unpack .../13-slirp4netns_1.2.1-1build2_amd64.deb ...
Unpacking slirp4netns (1.2.1-1build2) ...
Setting up less (590-2ubuntu2.1) ...
Setting up liberror-perl (0.17029-2) ...
Setting up docker-buildx-plugin (0.31.1-1~ubuntu.24.04~noble) ...
Setting up containerd.io (2.2.2-1~ubuntu.24.04~noble) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /usr/lib/systemd/system/containerd.service.
Setting up patch (2.7.6-7build3) ...
Setting up docker-compose-plugin (5.1.1-1~ubuntu.24.04~noble) ...
Setting up docker-ce-cli (5:29.3.1-1~ubuntu.24.04~noble) ...
Setting up libslirp0:amd64 (4.7.0-1ubuntu3) ...
Setting up pigz (2.8-1) ...
Setting up git-man (1:2.43.0-1ubuntu7.3) ...
Setting up docker-ce-rootless-extras (5:29.3.1-1~ubuntu.24.04~noble) ...
Setting up slirp4netns (1.2.1-1build2) ...
Setting up docker-ce (5:29.3.1-1~ubuntu.24.04~noble) ...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /usr/lib/systemd/system/docker.socket.
Setting up git (1:2.43.0-1ubuntu7.3) ...
Processing triggers for libc-bin (2.39-0ubuntu8.7) ...
ubuntu@ordsmcp2:~$
ubuntu@ordsmcp2:~$ sudo shutdown -r now
Broadcast message from root@ordsmcp2 on pts/1 (Wed 2026-02-25 03:31:17 UTC):
The system will reboot now!
スクリプト内で作成しているユーザーoracleに切り替えて作業します。
sudo su - oracle
ubuntu@ordsmcp2:~$ sudo su - oracle
$
これ以降の作業はほとんどOracle Linux 10と同じですが、podmanの代わりにDockerを使用します。
Oracle APEXの最新のアーカイブをダウンロードし解凍します。その他に、データファイルを保管するディレクトリoradataと、ORDSの構成ファイルを保管するディレクトリords_configを作成します。
curl -OL https://download.oracle.com/otn_software/apex/apex-latest.zip
unzip -q apex-latest.zip
mkdir oradata
mkdir ords_config
$ curl -OL https://download.oracle.com/otn_software/apex/apex-latest.zip
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 289M 100 289M 0 0 123M 0 0:00:02 0:00:02 --:--:-- 123M
$ unzip -q apex-latest.zip
$ mkdir oradata
$ mkdir ords_config
$
docker pull container-registry.oracle.com/database/ords:latest
$ docker pull container-registry.oracle.com/database/free:latest
latest: Pulling from database/free
41fec24cd635: Pull complete
3bf32880b451: Pull complete
2194ce8eea01: Pull complete
422548fea3d3: Pull complete
ec2d2b9967e0: Pull complete
8b259ba4c4d9: Pull complete
76262a11b33d: Pull complete
1b5d06dc2c49: Pull complete
991ed18434dd: Pull complete
f25c6654bf3b: Pull complete
ea29ae69235f: Pull complete
3a95ca5b8cd0: Pull complete
d46a44facb7d: Pull complete
cc817f3645bb: Pull complete
45768b398726: Pull complete
7e9be3b296e9: Pull complete
e02d6fb066f3: Pull complete
2d032c198665: Pull complete
8a5b38f9ede2: Pull complete
da072ef4f3b2: Pull complete
aeed28bf05ac: Pull complete
29c59e2aad04: Pull complete
Digest: sha256:8a8084193724b95bc62247e3af4218b357e4f172c78925551b2181dbe2566232
Status: Downloaded newer image for container-registry.oracle.com/database/free:latest
container-registry.oracle.com/database/free:latest
$ docker pull container-registry.oracle.com/database/ords:latest
latest: Pulling from database/ords
ac06ceafe5b9: Pull complete
7199b16c8c4a: Pull complete
2d59a8c44230: Pull complete
4577ec524291: Pull complete
a1247073a683: Pull complete
0c76fee24ccd: Pull complete
b91daf9676e0: Pull complete
4f4fb700ef54: Pull complete
Digest: sha256:c8b7713edbd9394d304b936be91d6ffe3251586f45352bc918e4cb56faabe852
Status: Downloaded newer image for container-registry.oracle.com/database/ords:latest
container-registry.oracle.com/database/ords:latest
$
$ echo "ORACLE_PWD=*******" > .env
$ docker compose up -d
[+] Running 3/3
✔ Network ubuntu-oracle-apex_oracle-net Created 0.1s
✔ Container apex-db Healthy 253.3s
✔ Container apex-ords Started 253.5s
$
$ docker logs -f apex-ords
Testing database connection...
INFO : Attempt 1: Connecting to sys/*****@apex-db:1521/FREEPDB1 as sysdba...
INFO : Database connection successful.
INFO : The Oracle REST Data Services are not installed on your database.
INFO : Installing The Oracle REST Data Services 25.4.0.
INFO : The ORACLE_USER_PWD variable was not supplied.
A temporary password was generated for ORACLE_USER_PWD.
Execute this command to get the generated password:
docker exec <ORDS_container_name> ords config get --secret db.password
INFO : The Oracle REST Data Services 25.4.0 has been installed correctly on your database.
INFO : The container found Oracle APEX version 24.2.0 in the mounted volume.
INFO : Installing Oracle APEX on your DB, please be patient.
INFO : The APEX_PWD variable was not supplied.
A new password must be set to complete the configuration.
To do this, connect as SYS with SYSDBA privileges and run:
ALTER USER APEX_PUBLIC_USER IDENTIFIED BY "<new_password>";
INFO : The Oracle APEX has been installed. You can create an APEX Workspace in Database Actions APEX Workspaces section.
INFO : Set plsql.gateway.mode proxied after Oracle APEX was installed.
INFO : Setup standalone.static.path /opt/oracle/apex/images.
INFO : Starting the Oracle REST Data Services instance.
2026-02-25T04:05:22Z INFO ORDS has not detected the option '--config' and this will be set up to the default directory.
[中略]
2026-02-25T04:05:31.006Z WARNING *** jdbc.MaxLimit in configuration |default|lo| is using a value of 10, this setting may not be sized adequately for a production environment ***
2026-02-25T04:05:31.368Z INFO Created Pool: |default|lo|-2026-02-25T04-05-30.167143688Z at: 2026-02-25T04:05:30.167143688Z
2026-02-25T04:05:31.554Z INFO
Mapped local pools from /etc/ords/config/databases:
/ords/ => default => VALID
2026-02-25T04:05:31.572Z INFO Oracle REST Data Services initialized
Oracle REST Data Services version : 25.4.0.r3641739
Oracle REST Data Services server info: jetty/12.0.25
Oracle REST Data Services java info: Java HotSpot(TM) 64-Bit Server VM GraalVM EE 21.3.10 (build 17.0.11+7-LTS-jvmci-21.3-b51 mixed mode, sharing)
2026-02-25T04:05:31.767Z INFO CursorMonitor 1
2026-02-25T04:05:31.768Z INFO RequestMonitor 1
2026-02-25T04:05:31.769Z INFO AccessLogMonitor 1 0
2026-02-25T04:05:31.769Z INFO TransactionMonitor 1
2026-02-25T04:05:31.773Z INFO WatchdogMonitor 1
2026-02-25T04:25:37.924Z WARNING Bad Authority: [/]
129.212.188.167 - [25/Feb/2026:04:25:37 +0000] "GET /badMessage HTTP/1.0" 400 - "" "" 27 - - -
198.235.24.2 - [25/Feb/2026:04:25:49 +0000] "GET /badMessage HTTP/1.0" 400 - "" "" 2 - - -
198.235.24.2 - [25/Feb/2026:04:25:49 +0000] "GET /badMessage HTTP/1.0" 400 - "" "" 1 - - -
2026-02-25T04:05:31.006Z WARNING *** jdbc.MaxLimit in configuration |default|lo| is using a value of 10, this setting may not be sized adequately for a production environment ***
2026-02-25T04:05:31.368Z INFO Created Pool: |default|lo|-2026-02-25T04-05-30.167143688Z at: 2026-02-25T04:05:30.167143688Z
2026-02-25T04:05:31.554Z INFO
Mapped local pools from /etc/ords/config/databases:
/ords/ => default => VALID
2026-02-25T04:05:31.572Z INFO Oracle REST Data Services initialized
Oracle REST Data Services version : 25.4.0.r3641739
Oracle REST Data Services server info: jetty/12.0.25
Oracle REST Data Services java info: Java HotSpot(TM) 64-Bit Server VM GraalVM EE 21.3.10 (build 17.0.11+7-LTS-jvmci-21.3-b51 mixed mode, sharing)
2026-02-25T04:05:31.767Z INFO CursorMonitor 1
2026-02-25T04:05:31.768Z INFO RequestMonitor 1
2026-02-25T04:05:31.769Z INFO AccessLogMonitor 1 0
2026-02-25T04:05:31.769Z INFO TransactionMonitor 1
2026-02-25T04:05:31.773Z INFO WatchdogMonitor 1
^C$
日本語リソースのロードと管理者ユーザーのパスワードを設定します。
データベースのコンテナに接続します。データベースのコンテナapex-dbの/home/oracle/apexにはAPEXのメディアの解凍先がマウントされています。 /home/oracle/apexに移動します。
$ docker exec -it apex-db bash
bash-4.4$ cd ~/apex
bash-4.4$
export NLS_LANG=American_America.AL32UTF8
sqlplus / as sysdba
alter session set container = freepdb1;
bash-4.4$ export NLS_LANG=American_America.AL32UTF8
bash-4.4$ sqlplus / as sysdba
SQL*Plus: Release 23.26.1.0.0 - Production on Wed Feb 25 04:50:35 2026
Version 23.26.1.0.0
Copyright (c) 1982, 2025, Oracle. All rights reserved.
Connected to:
Oracle AI Database 26ai Free Release 23.26.1.0.0 - Develop, Learn, and Run for Free
Version 23.26.1.0.0
SQL> alter session set container = freepdb1;
Session altered.
SQL>
@load_trans JAPANESE
SQL> @load_trans JAPANESE
PL/SQL procedure successfully completed.
Installing Oracle APEX translation - JAPANESE
. ORACLE
.
. Oracle APEX Hosted Development Service Installation.
..............................................................
PL/SQL procedure successfully completed.
PL/SQL procedure successfully completed.
--application/set_environment
API Last Extended:20241130
Your Current Version:20241130
This import is compatible with version: 20241130
COMPATIBLE (You should be able to run this import without issues.)
ID offset during import: 0
New ID offset for application: 0
APPLICATION 4420 - Oracle APEX Builder, Wizard Messages and Native Plug-Ins
--application/delete_application
--application/create_application
--application/user_interfaces
--application/shared_components/navigation/lists/spotlight_custom_entries_global
--application/shared_components/navigation/lists/spotlight_custom_entries_app_level
--application/shared_components/navigation/lists/spotlight_custom_entries_page_designer
--application/shared_components/navigation/listentry
--application/plugin_settings
[中略」
--application/pages/page_00203
--application/pages/page_00204
--application/pages/page_00205
--application/pages/page_00206
--application/deployment/definition
--application/deployment/checks
--application/deployment/buildoptions
--application/end_environment
... elapsed: 4.34 sec
...done
Adjust instance settings
PL/SQL procedure successfully completed.
SQL>
@apxchpwd
SQL> @apxchpwd
...set_appun.sql
================================================================================
This script can be used to change the password of an Oracle APEX
instance administrator. If the user does not yet exist, a user record will be
created.
================================================================================
Enter the administrator's username [ADMIN]
User "ADMIN" does not yet exist and will be created.
Enter ADMIN's email [ADMIN]
Enter ADMIN's password [] *********
Created instance administrator ADMIN.
SQL>
nginxによるリバース・プロキシの構成
http://ホスト名:8080/ords/apex_admin
OpenRestyはコンテナではなくホストで実行します。作業はrootユーザーにて実施します。
コンピュート・インスタンスにユーザーubuntuで接続し、rootユーザーに切り替えます。
sudo -s
cd ~
ubuntu@ordsmcp2:~$ sudo -s
root@ordsmcp2:/home/ubuntu# cd ~
root@ordsmcp2:~#
以下の例ではホスト名にords.example.comを指定していますが、作業の際には割り当てているホスト名に置き換えます。
certbot certonly --standalone -d ホスト名
root@ordsmcp2:~# certbot certonly --standalone -d ords.example.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): メール・アドレス
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.6-August-18-2025.pdf. You must agree
in order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N
Account registered.
Requesting a certificate for ords.example.com
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/ords.example.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/ords.example.com/privkey.pem
This certificate expires on 2026-05-26.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
root@ordsmcp2:~#
ユーザーoracleに切り替えコンテナapex-ordsに接続して、ordsコマンドを実行します。
構成を更新したのち、コンテナを再起動します。
su - oracle
docker exec apex-ords ords --config /etc/ords/config config set security.httpsHeaderCheck "X-Forwarded-Proto: https"
docker restart apex-ords
root@ordsmcp2:~# su - oracle
$ docker exec apex-ords ords --config /etc/ords/config config set security.httpsHeaderCheck "X-Forwarded-Proto: https"
ORDS: Release 25.4 Production on Wed Feb 25 05:31:03 2026
Copyright (c) 2010, 2026, Oracle.
Configuration:
/etc/ords/config
The global setting named: security.httpsHeaderCheck was set to: X-Forwarded-Proto: https
$ docker restart apex-ords
apex-ords
$ exit
root@ordsmcp2:~#
root@ordsmcp2:~# sed -i 's/ords.example.com/**********/g' /etc/nginx/conf.d/01-server.conf
root@ordsmcp2:~# systemctl enable openresty
Synchronizing state of openresty.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable openresty
root@ordsmcp2:~# systemctl start openresty
root@ordsmcp2:~#
