Follow through this tutorial to learn how to run Nexus repository manager behind Apache reverse proxy. According Reverse proxy guide page, Apache, apart from functioning as a “basic” web server, and providing static and dynamic content to end-users, it ca also act as a reverse proxy server, also-known-as a “gateway” server.
Running Nexus Repository Manager Behind Apache Reverse Proxy
In our previous tutorial, we learnt how to install Nexus repository manager;
Install Nexus Repository Manager on Debian 11
Install Nexus Repository Manager on Ubuntu 20.04
Install Nexus Repository Manager on Debian 10
In all the above tutorials, Nexus port 8081 is exposed to the external networks as can be seen on Nexus URL, http://server-IP:8081.
When you run Nexus repository behind a reverse proxy, you can access it without having to specify its port on the URL.
Bind Nexus Repository to Localhost Interface
NOTE: if your Nexus instance is already listening on a loopback address, then skip this step.
When you check, by default, at least in the guides above, Nexus is not bound to specific interface on a server on which it is running and hence listens on all interfaces on port 8081.
ss -altnp | grep 8081LISTEN 0 50 0.0.0.0:8081 0.0.0.0:* users:(("java",pid=663,fd=691))Before you can proceed, first configure Nexus to bind it to a loopback interface, 127.0.0.1.
As shown by the ss command output above, Nexus listens on all interfaces on port 8081/tcp.
grep application- /opt/nexus/etc/nexus-default.propertiesapplication-port=8081
application-host=0.0.0.0To bind Nexus to localhost interface, replace the 0.0.0.0 address in the configuration file above;
sed -i 's/0.0.0.0/127.0.0.1/' /opt/nexus/etc/nexus-default.propertiesOnce you have made the changes, restart Nexus;
systemctl restart nexusOnce Nexus starts, you can confirm the address it is bind to again;
ss -altnp | grep 8081Sample output;
LISTEN 0 50 127.0.0.1:8081 0.0.0.0:* users:(("java",pid=2711,fd=699))Install Apache Web Server
Next, install Apache Web server;
apt install apache2 -yRunning Nexus Repository Manager Behind Apache Reverse Proxy
Once Apache Web server is installed, create Nexus site. Any requests that comes to this site will be forward to the Nexus repository running on the same host on loopback interface.
Create Apache Nexus Site Configuration
To create the Nexus site configuration, /etc/apache2/sites-available/nexus.conf, you can simply copy and paste the content below on the terminal.
Replace the names of the site accordingly.
cat > /etc/apache2/sites-available/nexus.conf<< 'EOL'
ProxyRequests Off
ProxyPreserveHost On
ServerName nexus.kifarunix-demo.com
ServerAdmin [email protected]
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:8081/ nocanon
ProxyPassReverse / http://localhost:8081/
ErrorLog ${APACHE_LOG_DIR}/nexus.error.log
CustomLog ${APACHE_LOG_DIR}/nexus.access.log common
EOL
Verify Apache Syntax;
apachectl -tIf the output is, Syntax OK, then you are good to proceed. Otherwise fix any would be errors before you can proceed.
Disable default Apache site;
a2dissite 000-default.confEnable Apache Nexus site;
a2ensite nexus.confEnable Apache Proxy Modules
Next, you need to enable required Apache proxy modules (mod_proxy and mod_proxy_http).
a2enmod proxy proxy_httpRestart Apache Web server;
systemctl restart apache2Accessing Nexus running behind Apache Proxy
You can now access your Nexus without specifying the port on the url.
Reference
Other Tutorials
Run Nexus Repository Behind Nginx Reverse Proxy
