Sonatype Nexus is one of the best repository managers out there. It is some tool that you cannot avoid in your CI/CD pipeline. It effectively manages deployable artifacts.
This article guides you to install and configure Sonatype Nexus 3 in a secure way on an Centos6.10 Linux System.
Note: This was tested on a Centos 6.10 machine and it will work on Centos 7 as well.
Step 1: Login to your Linux server and update it.
sudo yum update -y
Step 2: Install OpenJDK 1.8
Note: Nexus recommends oracle JDK to be installed. For demo purposes we use OpenJDK
sudo yum install java-1.8.0-openjdk.x86_64
Step 3: Create a directory named app and cd into the directory.
sudo mkdir /app && cd /app
Step 4: Download the latest nexus. You can get the latest download links fo for nexus from here. Here I am downloading nexus 3.
sudo wget https://download.sonatype.com/nexus/3/latest-unix.tar.gz
Untar the downloaded file.
sudo tar -xvf nexus-3.18.1-01-unix.tar.gz
Rename the untared file to nexus.
sudo mv nexus-3.18.1-01 nexus
Step 5: As a good security practice, it is not advised to run nexus service with any sudo user. So create a new user named nexus.
sudo adduser nexus
Change the ownership of nexus file to nexus user.
sudo chown -R nexus:nexus /app/nexus
Open /app/nexus/bin/nexus.rc file, uncomment run_as_user parameter and set it as following.
run_as_user="nexus"
Step 6: If you want to change the default nexus data directory, open nexus properties file and change the data directory “-Dkaraf.data” parameter to a preferred location as shown below.
sudo vi /app/nexus/bin/nexus.vmoptions
An example configuration is shown below.
-Xms1200M -Xmx1200M -XX:+UnlockDiagnosticVMOptions -XX:+UnsyncloadClass -Djava.net.preferIPv4Stack=truer -Dkaraf.home=. -Dkaraf.base=. -Dkaraf.etc=etc -Djava.util.logging.config.file=etc/java.util.logging.properties -Dkaraf.data=/nexus/nexus-data -Djava.io.tmpdir=data/tmp -Dkaraf.startLocalConsole=false
Running Nexus as a Service
It is better to have a init.d entry to manage nexus service using the Linux service command. Follow the steps given below for the setup.
Step 1: Create a symbolic link for nexus service script to /etc/init.d folder.
sudo ln -s /app/nexus/bin/nexus /etc/init.d/nexus
Step 2: Execute the following commands to add nexus service to boot.
sudo chkconfig --add nexus sudo chkconfig --levels 345 nexus on
Manage Nexus Service
Now we have all the configurations in place. To start the Nexus service, use the following command.
sudo service nexus start
The above command will start the nexus service on port 8081. To access the nexus dashboard, visit http://:8081. You will be able to see the nexus homepage as shown below.
To log in, use the default username and password.
User Name: admin
Password: admin123
For stopping,
sudo service nexus stop
For restarting,
sudo service nexus restart