Install Nexus Repository Manager on Debian 10

|
Last Updated:
|
|
Install Nexus Repository Manager on Debian 10

Welcome to our tutorial on how to install Nexus repository manager on Debian 10. Nexus is the World’s #1 repository manager for build artifacts. There exist two versions of Nexus repository manager;

In this tutorial, we will be dealing with the OSS version of the Nexus repository manager.

Install Nexus on Debian 10

System Requirements

Ensure that at least the minimum requirements are met by your system before you can proceed to install Nexus repository manager as outlined on Nexus system requirements page, links provided below.

Run System Update

Update system package cache;

apt update

Install Java on Debian 10

Nexus repository manager requires Java 8 Runtime Environment (JRE). You can install full JDK or just the JRE.

You can simply run the command below to install Java 8 on Debian 10 (note that as of this writing, there are no official debian source list providing this package, hence we are using debian 9 repos);

cat > /etc/apt/sources.list.d/java-8.list << 'EOL'
deb http://ftp.debian.org/debian stretch main
deb-src http://ftp.debian.org/debian stretch main
EOL
apt update

Then install Java 8;

apt install openjdk-8-jdk

Confirm the installed version of Java;

java -version
openjdk version "1.8.0_252"
OpenJDK Runtime Environment (build 1.8.0_252-8u252-b09-1~deb9u1-b09)
OpenJDK 64-Bit Server VM (build 25.252-b09, mixed mode)

Create Dedicated Nexus System Account

As a security precaution, Nexus Repository Manager should NOT be run as the root user. Instead, create a system account for Nexus;

useradd -M -d /opt/nexus -s /bin/bash -r nexus

Allow the nexus user to run all commands with sudo without password.

apt install sudo
echo "nexus   ALL=(ALL)       NOPASSWD: ALL" > /etc/sudoers.d/nexus

Download Nexus Repository OSS Tarball

Next, navigate to Nexus repository OSS downloads page, register for an account and download Nexus repository OSS for Unix tarball.

You can simply obtain the link and pull the tarball using wget command as shown below. Note that this downloads the current stable release version of Nexus as of this writing.

wget https://sonatype-download.global.ssl.fastly.net/repository/downloads-prod-group/3/nexus-3.29.2-02-unix.tar.gz

Install Nexus Repository Manager

Extract Nexus Repository OSS tarball

Navigate to the directory where you downloaded the Nexus tarball and extract it to the nexus user home directory, which in this guide is /opt/nexus.

mkdir /opt/nexus
tar xzf nexus-3.29.2-02-unix.tar.gz -C /opt/nexus --strip-components=1

Checking the contents of the /opt/nexus directory;

ls
bin  deploy  etc  lib  nexus3  NOTICE.txt  OSS-LICENSE.txt  PRO-LICENSE.txt  public  system

Set the proper ownership of the nexus directory;

chown -R nexus: /opt/nexus

Adjust the Nexus Memory Heap Size

The default minimum JVM heap for Nexus is 2037MB with maximum recommended being 4G. If you have less memory, you can reduce it by editing the file /opt/nexus/bin/nexus.vmoptions and setting a lower value, for demo purposes.

vim /opt/nexus/bin/nexus.vmoptions

Replace the default values for the lines;

-Xms2703m
-Xmx2703m
-XX:MaxDirectMemorySize=2703m
...

To for example, to set it to 1024MB;

-Xms1024m
-Xmx1024m
-XX:MaxDirectMemorySize=1024m

Save and exit the file once you have made the changes.

Running Nexus Repository on Debian 10

Nexus provides a startup script at /opt/nexus/bin/nexus.

To run Nexus in standalone mode, you can run this command. However, you need to ensure that Nexus is run as nexus user.

Therefore, edit the file /opt/nexus/bin/nexus.rc and uncomment the line, #run_as_user="" and add nexus as the value.

sed -i 's/#run_as_user=""/run_as_user="nexus"/' /opt/nexus/bin/nexus.rc

Change the location of the Sonatype Work directory (Nexus data directory) to a location where nexus user has permissions to write. For example, in our setup, we set the home directory for Nexus as /opt/nexus and we gave nexus user ownership of this directory.

By default, sonatype-work data directory is moved one directory up, hence, it is expected to be created under /opt, which the nexus user has no permissions to write.

Therefore, edit the /opt/nexus/bin/nexus.vmoptions and adjust the path of the Nexus directory (in the below settings, the directory is changed from ../sonatype-work to ./sonatype-work).

vim /opt/nexus/bin/nexus.vmoptions
-XX:LogFile=./sonatype-work/nexus3/log/jvm.log
-XX:-OmitStackTraceInFastThrow
-Djava.net.preferIPv4Stack=true
-Dkaraf.home=.
-Dkaraf.base=.
-Dkaraf.etc=etc/karaf
-Djava.util.logging.config.file=etc/karaf/java.util.logging.properties
-Dkaraf.data=./sonatype-work/nexus3
-Dkaraf.log=./sonatype-work/nexus3/log
-Djava.io.tmpdir=./sonatype-work/nexus3/tmp
...

Next, you can then run Nexus;

sudo -u nexus /opt/nexus/bin/nexus start

It might take sometime for Nexus to start. While starting, tail the logs;

tail -f /opt/nexus/sonatype-work/nexus3/log/nexus.log
2021-02-04 06:12:59,680-0500 INFO  [jetty-main-1]  *SYSTEM org.sonatype.nexus.siesta.SiestaServlet - Initialized
2021-02-04 06:12:59,685-0500 INFO  [jetty-main-1]  *SYSTEM org.sonatype.nexus.repository.httpbridge.internal.ViewServlet - Initialized
2021-02-04 06:12:59,713-0500 INFO  [jetty-main-1]  *SYSTEM org.eclipse.jetty.server.handler.ContextHandler - Started o.e.j.w.WebAppContext@ce9731c{Sonatype Nexus,/,file:///opt/nexus/public/,AVAILABLE}
2021-02-04 06:12:59,765-0500 INFO  [jetty-main-1]  *SYSTEM org.eclipse.jetty.server.AbstractConnector - Started ServerConnector@20cd86a8{HTTP/1.1, (http/1.1)}{0.0.0.0:8081}
2021-02-04 06:12:59,765-0500 INFO  [jetty-main-1]  *SYSTEM org.eclipse.jetty.server.Server - Started @225365ms
2021-02-04 06:12:59,766-0500 INFO  [jetty-main-1]  *SYSTEM org.sonatype.nexus.bootstrap.jetty.JettyServer - 
-------------------------------------------------

Started Sonatype Nexus OSS 3.29.2-02

-------------------------------------------------

Nexus listens on TCP port 8081 by default;

netstat -altnp | grep :8081
tcp        0      0 0.0.0.0:8081            0.0.0.0:*               LISTEN      2113/java

You should now be able to access Nexus web interface from browser.

Create Nexus Repository Systemd Service

In order to easily manage Nexus repository service, create a systemd service unit for it as shown below;

cat > /etc/systemd/system/nexus.service << 'EOL'
[Unit]
Description=nexus service
After=network.target

[Service]
Type=forking
LimitNOFILE=65536
ExecStart=/opt/nexus/bin/nexus start
ExecStop=/opt/nexus/bin/nexus stop
User=nexus
Restart=on-abort

[Install]
WantedBy=multi-user.target
EOL

Next, stop Nexus if you already started it with startup script above.

/opt/nexus/bin/nexus stop

Reload the systemd manager configuration;

systemctl daemon-reload

Start and enable Nexus service to run on system reboot;

systemctl enable --now nexus.service

Check the service status;

systemctl status nexus
● nexus.service - nexus service
   Loaded: loaded (/etc/systemd/system/nexus.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2021-02-04 12:04:47 EST; 50s ago
  Process: 1439 ExecStart=/opt/nexus/bin/nexus start (code=exited, status=0/SUCCESS)
 Main PID: 1611 (java)
    Tasks: 85 (limit: 4700)
   Memory: 1.0G
   CGroup: /system.slice/nexus.service
           └─1611 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -server -Dinstall4j.jvmDir=/usr/lib/jvm/java-8-openjdk-amd64/jre -Dexe4j.moduleName=/opt/nexus/bin/nexus -X

Feb 04 12:04:47 debian systemd[1]: Starting nexus service...
Feb 04 12:04:47 debian nexus[1439]: Starting nexus
Feb 04 12:04:47 debian systemd[1]: Started nexus service.

You can as well check the logs for verification;

tail -f /opt/nexus/sonatype-work/nexus3/log/nexus.log

Accessing Nexus Repository Web Interface

You can now access Nexus repository from browser using the address http://server-IP-or-resolvable-hostname:8081.

If UFW is running, you need to open port 8081 to allow external access.

ufw allow 8081/tcp

Next, you can access from browser. Such an interface should welcome you.

nexus repo dashboard

Setup Nexus Repository Manager

Click the sign in button at the top right corner. Login as admin. The password is located on the file, /opt/nexus/sonatype-work/nexus3/admin.password.

nexus signin

Once you logged in, click next to proceed to setup Nexus.

  1. Reset Nexus repository admin password
  2. Configure anonymous access. You can choose to disable the anonymous access to secure Nexus repositories by requiring user to authenticate before they can browser through the repositories.
  3. Finish the setup

You can access Nexus repository manager settings by clicking on the gear icon;

nexus dashboard

You can go through the settings and make adjustments to suite your needs.

That marks the end of our tutorial on how to install Nexus repository manager.

Further Reading

Read more about Nexus and its setup on Nexus Repository Manager 3 documentation page.

Nexus Repository Manager 3 documentation page

Other Tutorials

Install Zammad Ticketing System on Debian 10

Install Zammad Ticketing System on Ubuntu 20.04

Install and Setup Nessus Scanner on Ubuntu 20.04

Install Passbolt Password Manager on Debian 10

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
gen_too
Co-founder of Kifarunix.com, Linux Tips and Tutorials. Linux/Unix admin and author at Kifarunix.com.

Leave a Comment