In this tutorial, you will learn how to run Nexus repository behind Nginx reverse proxy. Nginx can be configure to proxy HTTP requests. In this setup, Nginx receives requests and passes it onto specified proxied server, fetches the response, and sends it back to the client.
In our previous article, we learnt how to install Nexus repository;
Install Nexus Repository Manager on Debian 11
Install Nexus Repository Manager on Ubuntu 20.04
Install Nexus Repository Manager on Debian 10
Running Nexus Repository Behind Nginx Reverse Proxy
In all the above tutorials, Nexus port 8081 is exposed to the external networks as can be seen on Nexus URL, http://server-IP:8081
.
When you run Nexus repository behind a reverse proxy, you can access it without having to specify its port on the URL.
Bind Nexus Repository to Localhost Interface
NOTE: if your Nexus instance is already listening on a loopback address, then skip this step.
When you check, by default, at least in the guides above, Nexus is not bound to specific interface on a server on which it is running and hence listens on all interfaces on port 8081.
ss -altnp | grep 8081
LISTEN 0 50 0.0.0.0:8081 0.0.0.0:* users:(("java",pid=663,fd=691))
Before you can proceed to run Nexus repository manager behind Nginx reverse proxy, first configure Nexus to bind it to a loopback interface, 127.0.0.1
.
As shown by the ss
command output above, Nexus listens on all interfaces on port 8081/tcp.
grep application- /opt/nexus/etc/nexus-default.properties
application-port=8081
application-host=0.0.0.0
To bind Nexus to localhost interface, replace the 0.0.0.0 address in the configuration file above with the specific server loopback IP address;
sed -i 's/0.0.0.0/127.0.0.1/' /opt/nexus/etc/nexus-default.properties
Once you have made the changes, restart Nexus;
systemctl restart nexus
Once Nexus starts, you can confirm the address it is bind to again;
ss -altnp | grep 8081
Sample output;
LISTEN 0 50 127.0.0.1:8081 0.0.0.0:* users:(("java",pid=2711,fd=699))
Install Nginx Web Server
Next, install Nginx Web server;
apt install nginx -y
Run Nexus Repository Manager Behind Nginx Reverse Proxy
Once Nginx Web server is installed, create Nexus site.
Any requests that comes to this site will be forward to the Nexus repository running on the same host and listening on loopback interface.
Create Nginx Nexus Site Configuration
To create the Nexus site configuration, /etc/nginx/sites-available/nexus
, you can simply copy and paste the content below on the terminal.
Replace the names of the site accordingly.
cat > /etc/nginx/sites-available/nexus << 'EOL'
server {
listen *:80 default_server;
server_name nexus.kifarunix-demo.com;
access_log /var/log/nginx/nexus.access.log;
error_log /var/log/nginx/nexus.error.log;
location / {
proxy_pass http://127.0.0.1:8081/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
keepalive_timeout 5 5;
tcp_nodelay on;
proxy_connect_timeout 90;
proxy_send_timeout 120;
proxy_read_timeout 300;
client_max_body_size 10m;
}
}
EOL
Verify Nginx Syntax;
nginx -t
If the output is, similar to below;
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
then you are good to proceed. Otherwise fix any errors before you can proceed.
Disable default Nginx site;
unlink /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default
Enable Nginx Nexus site;
ln -s /etc/nginx/sites-available/nexus /etc/nginx/sites-enabled/
Restart Nginx;
systemctl restart nginx
Accessing Nexus running behind Nginx Proxy
You can now access your Nexus without specifying the port on the url.
And that is how easy it is to run Nexus repository manager behind Nginx reverse proxy.
Reference