Install Nexus Repository Manager on Debian 11

0
18

This tutorial describes how to install Nexus repository manager on Debian 11.

Nexus is the World’s #1 repository manager for build artifacts. There exist two versions of Nexus repository manager;

In this tutorial, we will be installing the OSS version.

Install Nexus Repository Manager on Debian 11

Follow through the steps provided in this guide to install Nexus repository manager on Debian 11.

System Requirements

Ensure that the minimum requirements are met by your system before you can proceed to install Nexus repository manager on Debian 11 as outlined on Nexus system requirements page, links provided below.

Run System Update

Update system package cache;

apt update

Install Java on Debian 11

Nexus repository manager requires Java 8 Runtime Environment (JRE).

Debian 11 repos do not provide Java 8 packages. Hence, we opted to use repos for Debian 9 to install Java 8.

cat > /etc/apt/sources.list.d/java-8.list << 'EOL'
deb http://ftp.debian.org/debian stretch main
deb-src http://ftp.debian.org/debian stretch main
EOL
apt update

You can simply run the command below to install Java 8 on Debian 11;

apt install openjdk-8-jdk

Confirm the installed version of Java;

java -version

Remove Debian 9 repos;

rm -rf /etc/apt/sources.list.d/java-8.list

Create Dedicated Nexus System Account

As a security precaution, Nexus Repository Manager should NOT be run as the root user. Instead, create a system account for Nexus;

useradd -M -d /opt/nexus -s /bin/bash -r nexus

Allow the nexus user to run all commands with sudo without password.

apt install sudo -y
echo "nexus ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/nexus

Download Nexus Repository OSS Tarball

Navigate to Nexus repository OSS downloads page, register for an account and download Nexus repository OSS for Unix tarball.

You can simply obtain the link and pull the tarball using wget command as shown below. Note that this downloads the current stable release version of Nexus, 3.35.0-02, as of this writing. Be sure to get the link to the latest version from downloads page.

wget https://sonatype-download.global.ssl.fastly.net/repository/downloads-prod-group/3/nexus-3.35.0-02-unix.tar.gz

Install Nexus Repository Manager on Debian 11

Extract the tarball

Extact Nexus to the nexus user home directory, which in this guide is /opt/nexus.

mkdir /opt/nexus
tar xzf nexus-3.35.0-02-unix.tar.gz -C /opt/nexus --strip-components=1

Checking the contents of the /opt/nexus directory;

ls /opt/nexus/*
bin
deploy
etc
lib
nexus3
NOTICE.txt
OSS-LICENSE.txt
PRO-LICENSE.txt
public
replicator
system

Set the proper ownership of the nexus directory;

chown -R nexus: /opt/nexus

Adjust the Nexus Memory Heap Size

The default minimum JVM heap for Nexus is 2037MB with maximum recommended being 4G.

If you have less memory, you can reduce it by editing the file /opt/nexus/bin/nexus.vmoptions and setting a lower value, for demo purposes.

Replace the default values for the lines;

-Xms2703m
-Xmx2703m
-XX:MaxDirectMemorySize=2703m
...

To for example, to set it to 1024MB;

-Xms1024m
-Xmx1024m
-XX:MaxDirectMemorySize=1024m

Save and exit the file once you have made the changes. You can simply run the sed command below to replace the values;

sed -i 's/2703/1024/g' /opt/nexus/bin/nexus.vmoptions

Running Nexus Repository on Debian 11

Running Nexus in Standalone Mode

/opt/nexus/bin/nexus is the Nexus startup script.

To run Nexus in standalone mode, you can run this command.

However, you need to ensure that Nexus is run as nexus user.

Therefore, edit the file /opt/nexus/bin/nexus.rc and uncomment the line, #run_as_user="" and add nexus as the value.

sed -i 's/#run_as_user=""/run_as_user="nexus"/' /opt/nexus/bin/nexus.rc

Change the location of the Sonatype Work directory (Nexus data directory) to a location where nexus user has permissions to write.

For example, in our setup, we set the home directory for Nexus as /opt/nexus and we gave nexus user ownership of this directory.

By default, sonatype-work data directory is moved one directory up, hence, it is expected to be created under /opt, which the nexus user has no permissions to write.

Therefore, edit the /opt/nexus/bin/nexus.vmoptions and adjust the path of the Nexus directory (in the below settings, the directory is changed from ../sonatype-work to ./sonatype-work).

sed -i 's|../sonatype|./sonatype|' /opt/nexus/bin/nexus.vmoptions

You can then run Nexus in standalone mode.

sudo -u nexus /opt/nexus/bin/nexus start

It might take sometime for Nexus to start. While starting, tail the logs;

tail -f /opt/nexus/sonatype-work/nexus3/log/nexus.log
2021-10-21 20:33:43,243+0300 INFO  [jetty-main-1]  *SYSTEM com.softwarementors.extjs.djn.servlet.DirectJNgineServlet - Servlet GLOBAL configuration: registryConfiguratorClass=
2021-10-21 20:33:43,705+0300 INFO  [jetty-main-1]  *SYSTEM com.softwarementors.extjs.djn.jscodegen.CodeFileGenerator - Creating source files for APIs...
2021-10-21 20:33:46,340+0300 INFO  [jetty-main-1]  *SYSTEM org.sonatype.nexus.siesta.SiestaServlet - JAX-RS RuntimeDelegate: org.sona[email protected]22c27d33
2021-10-21 20:33:46,747+0300 INFO  [jetty-main-1]  *SYSTEM org.jboss.resteasy.plugins.validation.i18n - RESTEASY008550: Unable to find CDI supporting ValidatorFactory. Using default ValidatorFactory
2021-10-21 20:33:54,042+0300 INFO  [periodic-8-thread-1]  *SYSTEM org.sonatype.nexus.rapture.internal.HealthCheckCacheManager - Health check status changed from false to true for Lifecycle Phase
2021-10-21 20:34:00,142+0300 INFO  [jetty-main-1]  *SYSTEM org.sonatype.nexus.siesta.SiestaServlet - Initialized
2021-10-21 20:34:00,198+0300 INFO  [jetty-main-1]  *SYSTEM org.sonatype.nexus.repository.httpbridge.internal.ViewServlet - Initialized
2021-10-21 20:34:01,234+0300 INFO  [jetty-main-1]  *SYSTEM org.eclipse.jetty.server.handler.ContextHandler - Started [email protected]{Sonatype Nexus,/,file:///opt/nexus/public/,AVAILABLE}
2021-10-21 20:34:02,532+0300 INFO  [jetty-main-1]  *SYSTEM org.eclipse.jetty.server.AbstractConnector - Started [email protected]{HTTP/1.1, (http/1.1)}{0.0.0.0:8081}
2021-10-21 20:34:02,534+0300 INFO  [jetty-main-1]  *SYSTEM org.eclipse.jetty.server.Server - Started @535009ms
2021-10-21 20:34:02,564+0300 INFO  [jetty-main-1]  *SYSTEM org.sonatype.nexus.bootstrap.jetty.JettyServer - 
-------------------------------------------------

Started Sonatype Nexus OSS 3.35.0-02

-------------------------------------------------

Nexus listens on TCP port 8081 by default;

ss -altnp | grep :8081
LISTEN 0      50           0.0.0.0:8081       0.0.0.0:*    users:(("java",pid=2188,fd=699))

You should now be able to access Nexus web interface from browser.

You can stop it by running the command;

sudo -u nexus /opt/nexus/bin/nexus stop

Running Nexus Repository as a Systemd Service

To easily manage Nexus repository service, create a systemd service unit for it as shown below;

cat > /etc/systemd/system/nexus.service << 'EOL'
[Unit]
Description=nexus service
After=network.target

[Service]
Type=forking
LimitNOFILE=65536
ExecStart=/opt/nexus/bin/nexus start
ExecStop=/opt/nexus/bin/nexus stop
User=nexus
Restart=on-abort

[Install]
WantedBy=multi-user.target
EOL

Reload the systemd manager configuration;

systemctl daemon-reload

Start and enable Nexus service to run on system reboot;

systemctl enable --now nexus

Check the service status;

systemctl status nexus
● nexus.service - nexus service
     Loaded: loaded (/etc/systemd/system/nexus.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2021-10-21 20:39:09 EAT; 4s ago
    Process: 2009 ExecStart=/opt/nexus/bin/nexus start (code=exited, status=0/SUCCESS)
   Main PID: 2188 (java)
      Tasks: 15 (limit: 1133)
     Memory: 74.6M
        CPU: 1.364s
     CGroup: /system.slice/nexus.service
             └─2188 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -server -Dinstall4j.jvmDir=/usr/lib/jvm/java-8-openjdk-amd64/jre -Dexe4j.moduleName=/opt/nexus/bin/nexus>

Oct 21 20:39:09 bullseye.kifarunix-demo.com systemd[1]: Starting nexus service...
Oct 21 20:39:09 bullseye.kifarunix-demo.com nexus[2009]: Starting nexus
Oct 21 20:39:09 bullseye.kifarunix-demo.com systemd[1]: Started nexus service.

You can as well check the logs for verification;

tail -f /opt/nexus/sonatype-work/nexus3/log/nexus.log

Accessing Nexus Repository Web Interface

You can now access Nexus repository from browser using the address http://server-IP-or-resolvable-hostname:8081.

If UFW is running, you need to open port 8081 to allow external access.

ufw allow 8081/tcp

Next, you can access from browser. Such an interface should welcome you.

Install Nexus Repository Manager on Debian 11

Setup Nexus Repository Manager

Click the sign in button at the top right corner. Login as admin.

The password is located on the file, /opt/nexus/sonatype-work/nexus3/admin.password.

To get the password, just print the contents of the file.

cat /opt/nexus/sonatype-work/nexus3/admin.password
Install Nexus Repository Manager on Debian 11

Once you logged in, click next to proceed to setup Nexus.

  1. Reset Nexus repository admin password
  2. Configure anonymous access. You can choose to disable the anonymous access to secure Nexus repositories by requiring user to authenticate before they can browse through the repositories.
  3. Finish the setup

You can access Nexus repository manager settings by clicking on the gear icon;

Install Nexus Repository Manager on Debian 11

You can go through the settings and make adjustments to suite your needs.

That marks the end of our tutorial on how to install Nexus repository manager on Debian 11.

Further Reading

Read more about Nexus and its setup on Nexus Repository Manager 3 documentation page.

Nexus Repository Manager 3 documentation page

Other Tutorials

Install Nexus Repository Manager on Ubuntu 20.04

Install Nexus Repository Manager on Debian 10

LEAVE A REPLY

Please enter your comment!
Please enter your name here