Nexus Installation and Setup
Use following commands to install nexus
It will do following:
Install java (use dnf if yum not working)
install nexus
change directory
restart it
Get password and login
You can use either of following commands based on your OS.
sudo yum install java-1.8.0-openjdk.x86_64 -y
sudo yum install java-11-amazon-corretto
java -version
OR
sudo dnf update
sudo dnf install java-1.8.0-amazon-corretto
sudo dnf install java-1.8.0-openjdk.x86_64 -y
java -version
create /app and go inside it
sudo mkdir /app && cd /app
install nexus there
sudo wget -O nexus.tar.gz https://download.sonatype.com/nexus/3/latest-unix.tar.gz
[root@ip-172-31-0-201 app]# ls -l
total 224280
-rw-r--r--. 1 root root 229661238 Jun 4 14:24 nexus.tar.gz
extract the tar file and move it to nexus folder
sudo tar -xvf nexus.tar.gz
sudo mv nexus-3* nexus
check with 'ls -l' command
[root@ip-172-31-0-201 app]# ls -l
total 224280
drwxr-xr-x. 10 nexus nexus 181 Jul 3 03:06 nexus
-rw-r--r--. 1 root root 229661238 Jun 4 14:24 nexus.tar.gz
drwxr-xr-x. 3 nexus nexus 20 Jul 3 03:06 sonatype-work
[root@ip-172-31-0-201 app]#
[root@ip-172-31-0-201 app]# pwd
/app
[root@ip-172-31-0-201 app]#
create nexus user and give it permissions to nexus directory
sudo adduser nexus
sudo chown -R nexus:nexus /app/nexus
sudo chown -R nexus:nexus /app/sonatype-work
Update configuration inside "/app/nexus/bin/nexus.rc"
sudo vim /app/nexus/bin/nexus.rc
Add following content inside this file
run_as_user="nexus"
Update the configuration for following file:
sudo vim /etc/systemd/system/nexus.service
Enter following content and save the file
[Unit]
Description=nexus service
After=network.target
[Service]
Type=forking
LimitNOFILE=65536
User=nexus
Group=nexus
ExecStart=/app/nexus/bin/nexus start
ExecStop=/app/nexus/bin/nexus stop
User=nexus
Restart=on-abort
[Install]
WantedBy=multi-user.target
Now restart the nexus
sudo chkconfig nexus on
systemctl start nexus
systemctl status nexus
systemctl enable nexus
How to troubleshoot if nexus is not working
[root@ip-10-1-101-31 nexus]# sudo -u nexus /app/nexus/bin/nexus run
Unrecognized option: --add-reads=java.xml=java.logging
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.
[root@ip-10-1-101-31 nexus]#
Here I have updated the java version to 11
[root@ip-10-1-101-31 nexus]#
[root@ip-10-1-101-31 nexus]# sudo yum install java-11-openjdk-devel
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core | 3.6 kB 00:00:00
No package java-11-openjdk-devel available.
Error: Nothing to do
[root@ip-10-1-101-31 nexus]#
[root@ip-10-1-101-31 nexus]#
[root@ip-10-1-101-31 nexus]#
[root@ip-10-1-101-31 nexus]# sudo yum install java-11-amazon-corretto
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Resolving Dependencies
--> Running transaction check
---> Package java-11-amazon-corretto.x86_64 1:11.0.24+8-1.amzn2 will be installed
--> Processing Dependency: java-11-amazon-corretto-headless(x86-64) = 1:11.0.24+8-1.amzn2 for package: 1:java-11-amazon-corretto-11.0.24+8-1.amzn2.x86_64
--> Processing Dependency: libXt for package: 1:java-11-amazon-corretto-11.0.24+8-1.amzn2.x86_64
--> Processing Dependency: dejavu-serif-fonts for package: 1:java-11-amazon-corretto-11.0.24+8-1.amzn2.x86_64
--> Processing Dependency: dejavu-sans-mono-fonts for package: 1:java-11-amazon-corretto-11.0.24+8-1.amzn2.x86_64
--> Running transaction check
---> Package dejavu-sans-mono-fonts.noarch 0:2.33-6.amzn2 will be installed
---> Package dejavu-serif-fonts.noarch 0:2.33-6.amzn2 will be installed
---> Package java-11-amazon-corretto-headless.x86_64 1:11.0.24+8-1.amzn2 will be installed
---> Package libXt.x86_64 0:1.1.5-3.amzn2.0.2 will be installed
--> Finished Dependency Resolution
Then switch to new java version
[root@ip-10-1-101-31 nexus]#
[root@ip-10-1-101-31 nexus]# alternatives --config java
There are 2 programs which provide 'java'.
Selection Command
-----------------------------------------------
*+ 1 java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.412.b08-1.amzn2.0.1.x86_64/jre/bin/java)
2 /usr/lib/jvm/java-11-amazon-corretto.x86_64/bin/java
Enter to keep the current selection[+], or type selection number: 2
[root@ip-10-1-101-31 nexus]#
Then it workde
[root@ip-10-1-101-31 nexus]#
[root@ip-10-1-101-31 nexus]# systemctl start nexus
[root@ip-10-1-101-31 nexus]#
[root@ip-10-1-101-31 nexus]# systemctl status nexus
● nexus.service - nexus service
Loaded: loaded (/etc/systemd/system/nexus.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2024-09-24 15:29:35 UTC; 5s ago
Process: 14015 ExecStart=/app/nexus/bin/nexus start (code=exited, status=0/SUCCESS)
Main PID: 14310 (java)
CGroup: /system.slice/nexus.service
└─14310 /usr/lib/jvm/java-11-amazon-corretto.x86_64/bin/java -server -Dinstall4j.jvmDir=/usr/lib/jvm/java-11-amazon-corretto.x86_64 -Dexe4j.moduleNa...
Sep 24 15:29:35 ip-10-1-101-31.ec2.internal systemd[1]: Starting nexus service...
Sep 24 15:29:35 ip-10-1-101-31.ec2.internal nexus[14015]: Starting nexus
Sep 24 15:29:35 ip-10-1-101-31.ec2.internal systemd[1]: Started nexus service.
[root@ip-10-1-101-31 nexus]#
You can login with this code in nexus:
you will get the password for the nexus here:
cat /app/sonatype-work/nexus3/admin.password
Change the password
Setup docker nexus repo , allow these ports from security groups of ec2 instance.
Setup Realms
You will need to install docker if docker package is not present
[root@ip-172-31-0-221 ~]# yum install docker -y
Last metadata expiration check: 0:22:29 ago on Thu Jul 11 03:01:04 2024.
Dependencies resolved.
I have setup docker daemon on another EC2 server
Then restart docker
systemctl restart docker
check connections
[root@ip-172-31-0-55 ~]# curl http://52.90.8.197:8082/v2/
{"errors":[{"code":"UNAUTHORIZED","message":"access to the requested resource is not authorized","detail":null}]}[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]# curl http://52.90.8.197:8082/v2/
{"errors":[{"code":"UNAUTHORIZED","message":"access to the requested resource is not authorized","detail":null}]}[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]#
Login to repo
[root@ip-172-31-0-55 ~]# docker login http://52.90.8.197:8082
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@ip-172-31-0-55 ~]#
pull alpine image
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]# docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
ec99f8b99825: Pull complete
Digest: sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest a606584aa9aa 12 days ago 7.8MB
[root@ip-172-31-0-55 ~]#
tag and upload
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]# docker tag alpine:latest 52.90.8.197:8082/demo2:1.0.0
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
52.90.8.197:8082/demo2 1.0.0 a606584aa9aa 12 days ago 7.8MB
alpine latest a606584aa9aa 12 days ago 7.8MB
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]#
[root@ip-172-31-0-55 ~]# docker push 52.90.8.197:8082/alpine:1.0.0
The push refers to repository [52.90.8.197:8082/alpine]
94e5f06ff8e3: Pushed
1.0.0: digest: sha256:dabf91b69c191a1a0a1628fd6bdd029c0c4018041c7f052870bb13c5a222ae76 size: 528
[root@ip-172-31-0-55 ~]#
To install and configure Nexus Repository Manager to run over HTTPS
Step 1: Install Nginx
Install Nginx using the following command:
sudo dnf install nginx -y
Step 2: Generate SSL Certificates
You can either use a self-signed certificate for testing purposes or obtain a certificate from a Certificate Authority (CA). Here’s how to create a self-signed certificate:
sudo mkdir -p /etc/nginx/ssl
sudo openssl req -newkey rsa:2048 -nodes -keyout /etc/nginx/ssl/nexus.key -x509 -days 365 -out /etc/nginx/ssl/nexus.crt
Fill out the required information for the certificate.
Step 3: Configure Nginx
Create a new Nginx configuration file for Nexus:
sudo vim /etc/nginx/conf.d/nexus.conf
Add the following content:
server {
listen 443 ssl;
server_name your_domain_or_ip;
ssl_certificate /etc/nginx/ssl/nexus.crt;
ssl_certificate_key /etc/nginx/ssl/nexus.key;
location / {
proxy_pass http://localhost:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
server_name your_domain_or_ip;
location / {
return 301 https://$host$request_uri;
}
}
Replace your_domain_or_ip
with your actual domain name or IP address.
Step 4: Configure Nexus for HTTPS
Edit the Nexus configuration to listen on the default HTTP port (8081):
sudo vim /app/nexus/etc/nexus-default.properties
Ensure the following line is present and uncommented:
application-port=8081
Step 5: Restart Services
Restart Nginx and Nexus services to apply the changes:
sudo systemctl restart nginx
sudo systemctl restart nexus
sudo systemctl enable nginx
sudo systemctl enable nexus
Step 6: Verify HTTPS Configuration
Open a web browser and navigate to https://your_domain_or_ip
. You should see the Nexus Repository Manager interface running over HTTPS.
This setup ensures that Nexus is accessible over HTTPS with a self-signed certificate. For production use, consider obtaining a certificate from a trusted CA.