Run Nexus Repository Behind Nginx Reverse Proxy

0
15

In this tutorial, you will learn how to run Nexus repository behind Nginx reverse proxy. Nginx can be configure to proxy HTTP requests. In this setup, Nginx receives requests and passes it onto specified proxied server, fetches the response, and sends it back to the client.

In our previous article, we learnt how to install Nexus repository;

Install Nexus Repository Manager on Debian 11

Install Nexus Repository Manager on Ubuntu 20.04

Install Nexus Repository Manager on Debian 10

Run Nexus Repository Behind Nginx Reverse Proxy

In all the above tutorials, Nexus port 8081 is exposed to the external networks as can be seen on Nexus URL, http://server-IP:8081.

When you run Nexus repository behind a reverse proxy, you can access it without having to specify its port on the URL.

Bind Nexus Repository to Localhost Interface

NOTE: if your Nexus instance is already listening on a loopback address, then skip this step.

When you check, by default, at least in the guides above, Nexus is not bound to specific interface on a server on which it is running and hence listens on all interfaces on port 8081.

ss -altnp | grep 8081
LISTEN 0      50           0.0.0.0:8081       0.0.0.0:*    users:(("java",pid=663,fd=691))

Before you can proceed to run Nexus repository manager behind Nginx reverse proxy, first configure Nexus to bind it to a loopback interface, 127.0.0.1.

As shown by the ss command output above, Nexus listens on all interfaces on port 8081/tcp.

grep application- /opt/nexus/etc/nexus-default.properties
application-port=8081
application-host=0.0.0.0

To bind Nexus to localhost interface, replace the 0.0.0.0 address in the configuration file above with the specific server loopback IP address;

sed -i 's/0.0.0.0/127.0.0.1/' /opt/nexus/etc/nexus-default.properties

Once you have made the changes, restart Nexus;

systemctl restart nexus

Once Nexus starts, you can confirm the address it is bind to again;

ss -altnp | grep 8081

Sample output;

LISTEN 0      50         127.0.0.1:8081       0.0.0.0:*    users:(("java",pid=2711,fd=699))

Install Nginx Web Server

Next, install Nginx Web server;

apt install nginx -y

Run Nexus Repository Manager Behind Nginx Reverse Proxy

Once Nginx Web server is installed, create Nexus site.

Any requests that comes to this site will be forward to the Nexus repository running on the same host and listening on loopback interface.

Create Nginx Nexus Site Configuration

To create the Nexus site configuration, /etc/nginx/sites-available/nexus, you can simply copy and paste the content below on the terminal.

Replace the names of the site accordingly.

cat > /etc/nginx/sites-available/nexus << 'EOL'
  server {
    listen   *:80 default_server;
    server_name  nexus.kifarunix-demo.com;
    access_log /var/log/nginx/nexus.access.log;
    error_log /var/log/nginx/nexus.error.log;

    location / {
      proxy_pass http://127.0.0.1:8081/;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_buffering    off;
      proxy_request_buffering off;
      keepalive_timeout  5 5;
      tcp_nodelay        on;
      proxy_connect_timeout 90;
      proxy_send_timeout 120;
      proxy_read_timeout 300;
      client_max_body_size 10m;
    }
  }
EOL

Verify Nginx Syntax;

nginx -t

If the output is, similar to below;

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

then you are good to proceed. Otherwise fix any errors before you can proceed.

Disable default Nginx site;

unlink /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default

Enable Nginx Nexus site;

ln -s /etc/nginx/sites-available/nexus /etc/nginx/sites-enabled/

Restart Nginx;

systemctl restart nginx

Accessing Nexus running behind Nginx Proxy

You can now access your Nexus without specifying the port on the url.

Run Nexus Repository Manager Behind Apache Reverse Proxy

And that is how easy it is to run Nexus repository manager behind Nginx reverse proxy.

Reference

Nexus Reverse Proxy

Other tutorials

Run Nexus Repository Manager Behind Apache Reverse Proxy

LEAVE A REPLY

Please enter your comment!
Please enter your name here