Nexus: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 284: | Line 284: | ||
tail -n 50 -f /opt/sonatype/sonatype-work/nexus3/log/nexus.log | tail -n 50 -f /opt/sonatype/sonatype-work/nexus3/log/nexus.log | ||
echo $(cat /opt/sonatype/sonatype-work/nexus3/admin.password) | echo $(cat /opt/sonatype/sonatype-work/nexus3/admin.password) | ||
cat <<'EXE'|docker exec -i nexus bash | |||
cat /nexus-data/admin.password;echo | |||
rm /nexus-data/admin.password | |||
EXE | |||
netstat -plnt|grep 8081 | netstat -plnt|grep 8081 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 304: | Line 309: | ||
nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml | nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml | ||
nexus-context-path=/nexus | nexus-context-path=/nexus | ||
</syntaxhighlight> | |||
==Migrate » K8s » Docker== | |||
<syntaxhighlight lang="bash"> | |||
cat <<'YML' | sudo tee /etc/nexus.shahed.biz/docker-compose.yml >/dev/null | |||
--- | |||
services: | |||
nexus: | |||
image: sonatype/nexus3:3.42.0 | |||
container_name: nexus | |||
environment: | |||
NEXUS_SEARCH_INDEX_REBUILD_ON_STARTUP: true | |||
NEXUS_SECURITY_INITIAL_PASSWORD: sadaqah! | |||
JAVA_OPTS: -Dkaraf.debug=true | |||
NEXUS_DATA: /nexus-data | |||
NEXUS_SERVICE_PORT: 8081 | |||
DB_PASSWORD: sadaqah! | |||
DB_USER: nexus | |||
DB_NAME: nexus | |||
INSTALL4J_ADD_VM_PARAMS: >- | |||
-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m | |||
-Dnexus.datastore.enabled=true | |||
-Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs | |||
-Dnexus.datastore.nexus.name=nexus | |||
-Dnexus.datastore.nexus.type=jdbc | |||
-Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://db.shahed.biz:5432/${DB_NAME} | |||
-Dnexus.datastore.nexus.username=${DB_USER} | |||
-Dnexus.datastore.nexus.password=${DB_PASSWORD}" | |||
ports: | |||
- 127.0.0.2:8081:8081 | |||
- 127.0.0.2:8082:8082 | |||
restart: always | |||
volumes: | |||
- /var/nexus/nexus-data/:/nexus-data | |||
YML | |||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="bash"> | |||
cat <<'ENV' | sudo tee /etc/nexus.shahed.biz/.env >/dev/null | |||
NEXUS_SEARCH_INDEX_REBUILD_ON_STARTUP=true | |||
NEXUS_SECURITY_INITIAL_PASSWORD="sadaqah!" | |||
JAVA_OPTS="-Dkaraf.debug=true" | |||
NEXUS_DATA="/nexus-data" | |||
NEXUS_SERVICE_PORT=8081 | |||
DB_PASSWORD="sadaqah!" | |||
DB_USER="nexus" | |||
DB_NAME="nexus" | |||
INSTALL4J_ADD_VM_PARAMS=-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m -Dnexus.datastore.enabled=true -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs -Dnexus.datastore.nexus.name=nexus -Dnexus.datastore.nexus.type=jdbc -Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://db.shahed.biz:5432/${DB_NAME} -Dnexus.datastore.nexus.username=${DB_USER} -Dnexus.datastore.nexus.password=${DB_PASSWORD}" | |||
ENV | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Latest revision as of 03:43, 13 March 2025
Linux: export NEXUS_HOME=/srv/nexus |
MacOS: export NEXUS_HOME=$HOME/nexus |
Local location | Container location | Usage |
---|---|---|
$NEXUS_HOME/nexus3/nexus-data |
/nexus-data |
Nexus data |
docker run -it --rm \
--env NEXUS_CONTEXT=nexus \
--publish 8081:8081 \
sonatype/nexus3:3.22.0 \
bin/bash
id; exit
mkdir -p $NEXUS_HOME/nexus3/nexus-data/ chown -R 200:200 $NEXUS_HOME/nexus3/nexus-data/
Docker
docker run --detach \
--env NEXUS_CONTEXT=nexus \
--publish 8081:8081 \
--publish 8082:8082 \
--publish 8083:8083 \
--name nexus \
--restart always \
--volume $NEXUS_HOME/nexus3/nexus-data:/nexus-data \
sonatype/nexus3:3.26.0
docker exec -it nexus bash
echo $(cat /nexus-data/admin.password)
exit
docker start nexus
docker stop nexus
docker logs nexus
Apache
<Location /nexus>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8081/nexus nocanon
ProxyPassReverse http://localhost:8081/nexus
RequestHeader set X-Forwarded-Proto "https"
</Location>
touch /etc/apache2/sites-enabled/01-{hub,reg}.chorke.org.conf
touch /etc/apache2/sites-enabled/01-{hub,reg}.chorke.org-le-ssl.conf
mkdir -p /var/chorke/www/{hub,reg}.chorke.org/html/.well-known/acme-challenge/
Group
HTTP
cat <<EOF >> /etc/apache2/sites-enabled/01-hub.chorke.org.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias hub.chorke.org
ServerAdmin [email protected]
ServerName www.hub.chorke.org
DocumentRoot /var/chorke/www/hub.chorke.org/html
ErrorLog /var/chorke/www/hub.chorke.org/error.log
CustomLog /var/chorke/www/hub.chorke.org/requests.log combined
<Directory "/var/chorke/www/hub.chorke.org/">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/chorke/www/hub.chorke.org/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.hub.chorke.org [OR]
#RewriteCond %{SERVER_NAME} =hub.chorke.org
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
EOF
HTTPS
cat <<EOF >> /etc/apache2/sites-enabled/01-hub.chorke.org-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias hub.chorke.org
ServerAdmin [email protected]
ServerName www.hub.chorke.org
DocumentRoot /var/chorke/www/hub.chorke.org/html
ErrorLog /var/chorke/www/hub.chorke.org/error.log
CustomLog /var/chorke/www/hub.chorke.org/requests.log combined
<Directory "/var/chorke/www/hub.chorke.org/">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/chorke/www/hub.chorke.org/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
<Location />
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8082/ nocanon
ProxyPassReverse http://localhost:8082/
RequestHeader set X-Forwarded-Proto "https"
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/hub.chorke.org/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hub.chorke.org/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/hub.chorke.org/chain.pem
</VirtualHost>
</IfModule>
EOF
Private
HTTP
cat <<EOF >> /etc/apache2/sites-enabled/01-reg.chorke.org.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias reg.chorke.org
ServerAdmin [email protected]
ServerName www.reg.chorke.org
DocumentRoot /var/chorke/www/reg.chorke.org/html
ErrorLog /var/chorke/www/reg.chorke.org/error.log
CustomLog /var/chorke/www/reg.chorke.org/requests.log combined
<Directory "/var/chorke/www/reg.chorke.org/">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/chorke/www/reg.chorke.org/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.reg.chorke.org [OR]
#RewriteCond %{SERVER_NAME} =reg.chorke.org
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
EOF
HTTPS
cat <<EOF >> /etc/apache2/sites-enabled/01-reg.chorke.org-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias reg.chorke.org
ServerAdmin [email protected]
ServerName www.reg.chorke.org
DocumentRoot /var/chorke/www/reg.chorke.org/html
ErrorLog /var/chorke/www/reg.chorke.org/error.log
CustomLog /var/chorke/www/reg.chorke.org/requests.log combined
<Directory "/var/chorke/www/reg.chorke.org/">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/chorke/www/reg.chorke.org/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
<Location />
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8083/ nocanon
ProxyPassReverse http://localhost:8083/
RequestHeader set X-Forwarded-Proto "https"
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/reg.chorke.org/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/reg.chorke.org/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/reg.chorke.org/chain.pem
</VirtualHost>
</IfModule>
EOF
Deploy
<settings>
[...]
<profiles>
<profile>
<id>nex</id>
<properties>
<altSnapshotDeploymentRepository>academia.snapshots::default::https://nex.chorke.org/repository/maven/snapshots</altSnapshotDeploymentRepository>
<altReleaseDeploymentRepository>academia.releases::default::https://nex.chorke.org/repository/maven/releases</altReleaseDeploymentRepository>
</properties>
</profile>
</profiles>
</settings>
Debian
cat <<EOF >> /etc/apt/sources.list.d/sonatype-community.list
deb [arch=all] https://repo.sonatype.com/repository/community-apt-hosted/ bionic main
#deb https://repo.sonatype.com/repository/community-apt-hosted/ bionic main
EOF
wget -qO - https://repo.sonatype.com/repository/community-hosted\
/pki/deb-gpg/DEB-GPG-KEY-Sonatype.asc|apt-key add -
apt update;\
apt list --upgradable;\
apt install nexus-repository-manager
NVM_OPS_FILE="/opt/sonatype/nexus3/bin/nexus.vmoptions";\
sed -i "s|-Djava.endorsed.dirs=lib/endorsed|-Djava.endorsed.dirs=lib/endorsed:/opt/sonatype/jna|" "$NVM_OPS_FILE";\
sed -i "s|-XX:MaxDirectMemorySize=2703m|-XX:MaxDirectMemorySize=2G|" "$NVM_OPS_FILE";\
sed -i "s|-Xms2703m|-Xms1200M|" "$NVM_OPS_FILE";\
sed -i "s|-Xmx2703m|-Xmx1200M|" "$NVM_OPS_FILE"
mkdir -p /opt/sonatype/jna;cd /opt/sonatype/jna;\
wget https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.6.0/jna-5.6.0.jar;\
wget https://repo1.maven.org/maven2/net/java/dev/jna/jna-platform/5.6.0/jna-platform-5.6.0.jar;\
chmod +x /opt/sonatype/jna/*;\
cd /opt/sonatype/
service nexus-repository-manager restart
tail -n 50 -f /opt/sonatype/sonatype-work/nexus3/log/nexus.log
echo $(cat /opt/sonatype/sonatype-work/nexus3/admin.password)
cat <<'EXE'|docker exec -i nexus bash
cat /nexus-data/admin.password;echo
rm /nexus-data/admin.password
EXE
netstat -plnt|grep 8081
# pios swap memory
printf '\nbefore:\n';free -th;\
sed -i "s|CONF_SWAPSIZE=100|CONF_SWAPSIZE=2048|" /etc/dphys-swapfile;\
service dphys-swapfile restart;\
printf '\nupdate:\n';free -th
Context Path
nano /opt/sonatype/nexus3/etc/nexus-default.properties
# Jetty section
application-port=8081
application-host=0.0.0.0
nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml
nexus-context-path=/nexus
Migrate » K8s » Docker
cat <<'YML' | sudo tee /etc/nexus.shahed.biz/docker-compose.yml >/dev/null
---
services:
nexus:
image: sonatype/nexus3:3.42.0
container_name: nexus
environment:
NEXUS_SEARCH_INDEX_REBUILD_ON_STARTUP: true
NEXUS_SECURITY_INITIAL_PASSWORD: sadaqah!
JAVA_OPTS: -Dkaraf.debug=true
NEXUS_DATA: /nexus-data
NEXUS_SERVICE_PORT: 8081
DB_PASSWORD: sadaqah!
DB_USER: nexus
DB_NAME: nexus
INSTALL4J_ADD_VM_PARAMS: >-
-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m
-Dnexus.datastore.enabled=true
-Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs
-Dnexus.datastore.nexus.name=nexus
-Dnexus.datastore.nexus.type=jdbc
-Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://db.shahed.biz:5432/${DB_NAME}
-Dnexus.datastore.nexus.username=${DB_USER}
-Dnexus.datastore.nexus.password=${DB_PASSWORD}"
ports:
- 127.0.0.2:8081:8081
- 127.0.0.2:8082:8082
restart: always
volumes:
- /var/nexus/nexus-data/:/nexus-data
YML
cat <<'ENV' | sudo tee /etc/nexus.shahed.biz/.env >/dev/null
NEXUS_SEARCH_INDEX_REBUILD_ON_STARTUP=true
NEXUS_SECURITY_INITIAL_PASSWORD="sadaqah!"
JAVA_OPTS="-Dkaraf.debug=true"
NEXUS_DATA="/nexus-data"
NEXUS_SERVICE_PORT=8081
DB_PASSWORD="sadaqah!"
DB_USER="nexus"
DB_NAME="nexus"
INSTALL4J_ADD_VM_PARAMS=-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m -Dnexus.datastore.enabled=true -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs -Dnexus.datastore.nexus.name=nexus -Dnexus.datastore.nexus.type=jdbc -Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://db.shahed.biz:5432/${DB_NAME} -Dnexus.datastore.nexus.username=${DB_USER} -Dnexus.datastore.nexus.password=${DB_PASSWORD}"
ENV