Darshana Installing Sonatype Nexus Repository OSS on CentOS 7 by FossLinux

Sonatype Nexus is a popular repository manager used worldwide for most components, binaries, and build artifacts. It supports Java Virtual Machine (JVM) ecosystems, including Gradle, Ant, Maven, and Ivy.

Compatible standard tools include Eclipse, IntelliJ, Hudson, Jenkins, Puppet, Chef, Docker, etc. Sonatype Nexus Repo can manage development components by delivering binary containers, components, and finished products.

In this tutorial, we provide a comprehensive guide to setting up the OSS version of Sonatype Nexus Repository on CentOS 7.

Install Sonatype Nexus Repository OSS on CentOS 7

Before starting this tutorial, let’s look at the minimum system requirements for running Sonatype Nexus Repo.

System requirements

  • Minimum CPU: 4, recommended CPU: 8+
  • Minimum physical RAM: 8 GB on host

1. Prerequisites

Set the host name.

hostnamectl set-hostname nexus

Update your CentOS system.

yum update -y

Install Java by executing the following command:

yum -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel

After the installation is complete, check the Java version to make sure you are ready for the next step of downloading the Repo.

java -version

2. Download Nexus Repository Manager 3

Navigate to the /opt directory.

cd /opt

Copy the URL of the latest Repo from the official website and download it using wget.

wget https://download.sonatype.com/nexus/3/latest-unix.tar.gz

Decompress the tar file

tar -xvzf latest-unix.tar.gz

You should see two directories: one containing the Nexus files and one containing the Nexus data.

ls -lh

Rename folders

mv nexus-3.20.1-01 nexus
mv sonatype-work nexusdata

3. Set up users, permissions, and configuration

I. Add a user for the Nexus service

useradd --system --no-create-home nexus

II. Set the owner of Nexus files and Nexus data

chown -R nexus:nexus /opt/nexus

chown -R nexus:nexus /opt/nexusdata

III. Change Nexus configuration and set custom data directory

Edit “nexus.vmoptions”.

vim /opt/nexus/bin/nexus.vmoptions

Change the data directory.

-Xms2703m
-Xmx2703m
-XX:MaxDirectMemorySize=2703m
-XX:+UnlockDiagnosticVMOptions
-XX:+LogVMOutput
-XX:LogFile=../nexusdata/nexus3/log/jvm.log
-XX:-OmitStackTraceInFastThrow
-Djava.net.preferIPv4Stack=true
-Dkaraf.home=.
-Dkaraf.base=.
-Dkaraf.etc=etc/karaf
-Djava.util.logging.config.file=etc/karaf/java.util.logging.properties
-Dkaraf.data=../nexusdata/nexus3
-Dkaraf.log=../nexusdata/nexus3/log
-Djava.io.tmpdir=../nexusdata/nexus3/tmp
-Dkaraf.startLocalConsole=false

Save and exit the file.

IV. Change the user for the Nexus service account.

Edit the nexus.rc file.

vim /opt/nexus/bin/nexus.rc

Uncomment the “run_as_user” parameter and add a new value.

run_as_user="nexus"

V. Stop listening for remote connections.

We need to modify the file “nexus-default.properties”.

vim /opt/nexus/etc/nexus-default.properties

Change application-host=0.0.0.0 to application-host=127.0.0.1.

VI. Configure the open file limit for the nexus user.

vim /etc/security/limits.conf

Add the following values to the file.

nexus - nofile 65536

Save and exit the file.

4. Set up Nexus as a system service

Create the systemd service file in /etc/systemd/system/.

vim /etc/systemd/system/nexus.service

Add the following to the file:

[Unit]
Description=Nexus Service
After=syslog.target network.target

[Service]
Type=forking
LimitNOFILE=65536
ExecStart=/opt/nexus/bin/nexus start
ExecStop=/opt/nexus/bin/nexus stop
User=nexus
Group=nexus
Restart=on-failure

[Install]
WantedBy=multi-user.target

Reload the systemd configuration.

systemctl daemon-reload

Enable the service at system startup.

systemctl enable nexus.service

Start the service.

systemctl start nexus.service

Monitor the log file.

tail -f /opt/nexusdata/nexus3/log/nexus.log

Check the service port.

netstat -tunlp | grep 8081
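The checks below are an added example, not part of the original tutorial: a POSIX shell audit of the settings changed in steps 3.IV and 3.V, plus the port 8081 listener check above. The function names and the --run flag are this example's own; the file paths are the ones used on this page.

```shell
#!/bin/sh
# Added example (not from the original tutorial): audit the settings changed in
# steps 3.IV and 3.V and the listener on port 8081. Paths are the page's own.
NEXUS_HOME="${NEXUS_HOME:-/opt/nexus}"

# Print the last uncommented KEY=value in FILE ($1=FILE, $2=KEY), quotes stripped.
prop_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 | tr -d '"\r'
}

# Succeed only if application-host is a loopback address. A missing key fails
# too, since the page shows 0.0.0.0 as the value before the change.
bind_is_loopback() {
    case "$(prop_value "$1" application-host)" in
        127.*|localhost|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed only if run_as_user is uncommented and names a non-root account.
runs_unprivileged() {
    user="$(prop_value "$1" run_as_user)"
    [ -n "$user" ] && [ "$user" != "root" ]
}

# Read `netstat -tnl` output on stdin and print every listener on port $1
# whose local address is not loopback, i.e. reachable from other hosts.
exposed_listeners() {
    awk -v p=":$1" '
        $6 == "LISTEN" && $4 !~ /^127\./ && $4 != ("::1" p) &&
        substr($4, length($4) - length(p) + 1) == p { print $4 }'
}

# Run all three checks against the live host; returns 1 if any check fails.
audit() {
    fail=0
    bind_is_loopback "$NEXUS_HOME/etc/nexus-default.properties" ||
        { echo "FAIL: application-host is not a loopback address"; fail=1; }
    runs_unprivileged "$NEXUS_HOME/bin/nexus.rc" ||
        { echo "FAIL: run_as_user is unset or root"; fail=1; }
    [ -z "$(netstat -tnl 2>/dev/null | exposed_listeners 8081)" ] ||
        { echo "FAIL: port 8081 listens on a non-loopback address"; fail=1; }
    return "$fail"
}

if [ "${1:-}" = "--run" ]; then audit; fi
```

Run the script with --run on the Nexus host after starting the service; a non-zero exit status means at least one check failed.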

5. Set up Nginx

Set up the EPEL repository

yum install -y epel-release

List the repositories

yum repolist

Install nginx

yum install nginx

Enable nginx at system startup

systemctl enable nginx

Check the status of Nginx and start the service if it is not running

systemctl status nginx

systemctl start nginx

6. Set DNS records for the server.

Go to your DNS manager and add an A record for your server.

A    <domain name>    <server IP>

Here, we use AWS Route 53 to set up our DNS.

7. Use certbot to configure SSL

I. Install the Certbot package

yum install certbot python2-certbot-nginx

II. Install the certificate

certbot --nginx

Certbot asks a few questions; enter your e-mail address, the domain name, and the other required input.

Once the installation is complete, open nginx.conf.

vim /etc/nginx/nginx.conf

You can see the Certbot SSL configuration.

III. Add a proxy pass

Add the following to the location block.

location / {
    proxy_pass "http://127.0.0.1:8081";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Ssl on;
    proxy_read_timeout 300;
    proxy_connect_timeout 300;
}

Save and exit the file.

Check nginx syntax:

nginx -t

Restart Nginx:

systemctl restart nginx

8. Configure firewall rules

Now allow HTTPS access from a specific public IP address. Run the following command.

firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="123.44.8.180/32" port protocol="tcp" port="443" accept'

If you need to open HTTPS to the public, run the following command:

firewall-cmd --zone=public --permanent --add-service=https

Reload the firewall.

firewall-cmd --reload

9. Configure SELinux to allow Nginx to proxy

setsebool -P httpd_can_network_connect 1

10. Use your domain name to browse the site

eg: https://nexusrepo.fosslinux.com/

11. Log in to the server

Use the default user name admin to log in. Run the following command on the server and get the password.

cat /opt/nexusdata/nexus3/admin.password

After logging in for the first time, you should see a similar window as shown below.

Click Next and set a new password for the administrator user.

Click Next again and you should see the Configure Anonymous Access window. Do not enable anonymous access.

Click the Next button and you can see the completed settings.

Click Finish.

That is all there is to installing Sonatype Nexus Repository OSS on CentOS 7.