You can't rely on doing live CPAN.pm runs at install time. It puts you at the mercy of the internet, and every time a new module release comes out your software might no longer install successfully. We fixed this in a couple places by hard-coding versions into the script, but that will only work until the author deletes them!

Although probably not a useful solution for your situation, one neat way around this problem is to create your own mini-CPAN that just contains the modules you need. No worries about running old/new versions that cause problems. No worries about modules being deleted from underneath you. The bonus of having a central location to distribute new versions when necessary.

It's relatively easy to build Apache/mod_perl from source in a portable manner but very hard to use an existing install. This should make supporting more platforms easier.

You might want to look at Apache Toolbox as a starting point.

So, what am I missing?

Documenting a standard mechanism for the user of your application to rebuild with the latest module / apache / whatever if necessary. There's nothing worse than knowing that there is a gaping security hole in Foo and not having an easy way to update. Obviously, you'll be releasing a new version too - but us paranoid types like to sort it ASAP :-)

I'd also consider Module::Build as base for your build/installation system. Very flexible and easy to extend - much easier to hack than E:MM.