Public Repository

Last pushed: 2 days ago
Short Description
Sonatype Nexus container
Full Description

nexus

See https://github.com/clearent/nexus for source

A Dockerfile for Sonatype Nexus Repository Manager 3, based on Alpine.

To run, binding the exposed port 8081 to the host.

$ docker run -d -p 8081:8081 --name nexus clearent/nexus

Notes

  • Default credentials are: admin / admin123

  • It can take some time (2-3 minutes) for the service to launch in a
    new container. You can tail the log to determine once Nexus is ready:

$ docker logs -f nexus
  • Installation of Nexus is to /opt/sonatype/nexus.

  • A persistent directory, /nexus-data, is used for configuration,
    logs, and storage.

  • Two environment variables can be used to control the JVM arguments

    • JAVA_MAX_MEM, passed as -Xmx. Defaults to 1200m.

    • JAVA_MIN_MEM, passed as -Xms. Defaults to 1200m.

    These can be used supplied at runtime to control the JVM:

    $ docker run -d -p 8081:8081 --name nexus -e JAVA_MAX_MEM=2048M clearent/nexus
    

SSL

If you want to run Nexus in SSL, you need to create a Java keystore file with your certificate. See the Jetty documentation for help.

You will need to mount your keystore to the appropriate directory and pass in the keystore password as well.

$ docker run -d -p 8443:8443 --name nexus -v /path/to/your-keystore.jks:/nexus-data/keystore.jks -e JKS_PASSWORD="changeit" clearent/nexus

Nexus will now serve its' UI on HTTPS on port 8443 and redirect HTTP requests to HTTPS.

Persistent Data

There are two general approaches to handling persistent storage requirements
with Docker. See Managing Data in Containers
for additional information.

  1. Use a data volume container. Since data volumes are persistent
    until no containers use them, a container can created specifically for
    this purpose. This is the recommended approach.

    $ docker run -d --name nexus-data clearent/nexus echo "data-only container for Nexus"
    $ docker run -d -p 8081:8081 --name nexus --volumes-from nexus-data clearent/nexus
    
  2. Mount a host directory as the volume.

    $ docker run -d -p 8081:8081 --name nexus -v /some/dir/nexus-data:/nexus-data clearent/nexus
    
Docker Pull Command
Owner
clearent

Comments (12)
cavemandaveman
23 days ago

@nicklarsennz Unfortunately, it looks as though the default credentials are built into the nexus package itself, and it doesn't seem to be editable as far as I can tell.

I would recommend to add a new user through the UI as soon as nexus starts up and delete the default admin user.

nicklarsennz
a month ago

Love your work.
Would be awesome if the username/password could be supplied as environment variables.

cavemandaveman
3 months ago

@ronsenlinux I have never attempted an HA setup before, but I imagine if you have the /nexus-data directory on something like an NFS share that all your instances of Nexus mount, it may work. However, I would be cautious of this, since Nexus keeps stateful info like pid and lock files in that directory, and with >1 instance of Nexus reading/writing to the same directory there could be issues. If that works, then you will need to load balance between your instances with something like HAProxy.

Sonatype has a brief article about HA with Nexus2 (http://www.sonatype.org/nexus/2015/07/10/high-availability-ha-and-continuous-integration-ci-with-nexus-oss/) that may be of some help.

ronsenlinux
3 months ago

@HERE How to scale this nexus? I want a HA setup.

cavemandaveman
5 months ago

@ sameetn Do you mind creating an issue here?: https://github.com/clearent/nexus

To help you troubleshoot, I'll need some more info, like what host OS you are on and what docker run command you used to start the container.

At first glance, something looks way off, because /nexus-data should have several directories inside of it and it should be owned by the nexus user.

sameetn
5 months ago

I get a permissions denied in creating a file after mounting a volume. I tried running the container after creating the external mount folder owned by root on the host system.

/opt/sonatype/nexus # cd /nexus-data/ /nexus-data # ls -al total 4 drwx------ 2 root root 6 Jan 11 16:44 . drwxr-xr-x 20 root root 4096 Jan 11 16:57 .. /nexus-data # touch file touch: file: Permission denied /nexus-data #

cavemandaveman
6 months ago

@ianedwardthomas, is this affecting the startup of the container?

There is a known issue about these warnings (https://issues.sonatype.org/browse/NEXUS-10049) but they should be harmless. Unfortunately, I have no control over this, since it's baked into Sonatype's code.

ianedwardthomas
6 months ago

Tried latest image and also did own build of image. Maybe getting permission issue mentioned earlier. Maybe the su-exec is not working as expected?

  • exec su-exec nexus bin/nexus run
    2016-12-15 06:28:54,116+0000 WARN [pool-15-thread-1] SYSTEM org.apache.karaf.features.internal.service.FeaturesServiceImpl - Can't update cfg file
    java.io.FileNotFoundException: /opt/sonatype/nexus/etc/karaf/org.apache.karaf.command.acl.feature.cfg (Permission denied)
    ...
    2016-12-15 06:28:54,138+0000 WARN [pool-15-thread-1]
    SYSTEM org.apache.karaf.features.internal.service.FeaturesServiceImpl - Can't update cfg file
    java.io.FileNotFoundException: /opt/sonatype/nexus/etc/karaf/org.apache.karaf.command.acl.system.cfg (Permission denied)
    ...etc...
cavemandaveman
7 months ago

no problem :)
I have just updated the "latest" tagged image to use Nexus 3.1.0, so if you want the newest, you can re-pull or use the corresponding tag

cibclivelabs
7 months ago

Thank you so much! Sonaypes official image doesn't work, but this one does!