container uygulamaları için yerel repoya ihtiyacınız olursa nexus kullanabilirsiniz.
Aşağıdaki linkteki script rhel8 tabanlı sistemlerde test edilmiştir.
https://akyuz.tech/nexus-kurulum/install-nexus.sh
remzi@fedora:~$ cat nexus-kurulum/install-nexus.sh
#!/bin/bash
# Variables
NEXUS_VERSION="3.77.2-02"
NEXUS_TAR="nexus-${NEXUS_VERSION}-unix.tar.gz"
NEXUS_DOWNLOAD_URL="https://download.sonatype.com/nexus/3/${NEXUS_TAR}"
JAVA_VERSION="17"
NEXUS_USER="nexus"
NEXUS_UID=30033
NEXUS_GID=30033
INSTALL_DIR="/app/nexus"
REPO_DIR="/app/data/nexus-repo"
WORK_DIR="/app/data/nexus/sonatype-work"
DATA_DIR="${WORK_DIR}/nexus3"
NEXUS_PORT=8081
# Ensure script is run as root
if [ "$(id -u)" -ne 0 ]; then
echo "Please run this script as root."
exit 1
fi
# Check if JDK 17 is installed and skip installation if it is
if rpm -qa | grep -q 'java-17-openjdk'; then
echo "JDK ${JAVA_VERSION} is already installed, skipping installation."
else
echo "Installing JDK ${JAVA_VERSION}..."
yum install -y java-17-openjdk java-17-openjdk-devel
fi
# Verify JDK installation
java_version=$(java -version 2>&1 | head -n 1 | grep -o "17")
if [ "$java_version" != "$JAVA_VERSION" ]; then
echo "JDK ${JAVA_VERSION} installation failed."
exit 1
else
echo "JDK ${JAVA_VERSION} is ready for use."
fi
# Create Nexus user with specified UID and GID
echo "Creating Nexus user and group..."
getent group ${NEXUS_GID} >/dev/null || groupadd -g ${NEXUS_GID} ${NEXUS_USER}
getent passwd ${NEXUS_UID} >/dev/null || useradd -u ${NEXUS_UID} -g ${NEXUS_GID} -m -d ${INSTALL_DIR} -s /sbin/nologin ${NEXUS_USER}
# Create necessary directories
echo "Creating application, repository, work, and data directories..."
mkdir -p ${INSTALL_DIR}
mkdir -p ${REPO_DIR}
mkdir -p ${WORK_DIR}
mkdir -p ${DATA_DIR}
chown -R ${NEXUS_USER}:${NEXUS_USER} ${INSTALL_DIR} ${REPO_DIR} ${WORK_DIR} ${DATA_DIR}
# Check if Nexus tar file is already downloaded in the current directory
if [ -f "./${NEXUS_TAR}" ]; then
echo "Found existing Nexus archive in current directory. Using it for installation."
cp ./${NEXUS_TAR} /tmp/
else
# Download Nexus if not found locally
echo "Downloading Nexus Repository..."
curl -L -o /tmp/${NEXUS_TAR} ${NEXUS_DOWNLOAD_URL}
fi
# Extract Nexus and set permissions
echo "Installing Nexus Repository..."
tar -xzf /tmp/${NEXUS_TAR} -C ${INSTALL_DIR} --strip-components=1
chown -R ${NEXUS_USER}:${NEXUS_USER} ${INSTALL_DIR}
rm -f /tmp/${NEXUS_TAR}
# Configure Nexus to run as nexus user
echo "Configuring Nexus to run as ${NEXUS_USER}..."
echo "run_as_user=\"${NEXUS_USER}\"" > ${INSTALL_DIR}/bin/nexus.rc
# Configure nexus.vmoptions file with absolute paths
echo "Configuring nexus.vmoptions..."
NEXUS_VMOPTIONS="${INSTALL_DIR}/bin/nexus.vmoptions"
if [ -f "$NEXUS_VMOPTIONS" ]; then
# Update or add specific lines in nexus.vmoptions using sed
sed -i "s|^-XX:LogFile=.*|-XX:LogFile=${DATA_DIR}/log/jvm.log|" "$NEXUS_VMOPTIONS"
sed -i "s|^-Dkaraf.data=.*|-Dkaraf.data=${DATA_DIR}|" "$NEXUS_VMOPTIONS"
sed -i "s|^-Dkaraf.log=.*|-Dkaraf.log=${DATA_DIR}/log|" "$NEXUS_VMOPTIONS"
sed -i "s|^-Djava.io.tmpdir=.*|-Djava.io.tmpdir=${DATA_DIR}/tmp|" "$NEXUS_VMOPTIONS"
else
# If nexus.vmoptions does not exist, create it with the required settings
cat <<EOL > "$NEXUS_VMOPTIONS"
-XX:LogFile=${DATA_DIR}/log/jvm.log
-Dkaraf.data=${DATA_DIR}
-Dkaraf.log=${DATA_DIR}/log
-Djava.io.tmpdir=${DATA_DIR}/tmp
EOL
fi
# Set absolute paths in nexus-default.properties
if [ -f "${INSTALL_DIR}/etc/nexus-default.properties" ]; then
sed -i "s|nexus-work=.*|nexus-work=${WORK_DIR}|" ${INSTALL_DIR}/etc/nexus-default.properties
echo "data-dir=${DATA_DIR}" >> ${INSTALL_DIR}/etc/nexus-default.properties
fi
# Create a systemd service for Nexus with environment variables for paths
echo "Creating systemd service for Nexus..."
cat <<EOL > /etc/systemd/system/nexus.service
[Unit]
Description=Nexus Repository Manager
After=network.target
[Service]
Type=forking
LimitNOFILE=65536
Environment="NEXUS_HOME=${INSTALL_DIR}"
Environment="NEXUS_DATA=${DATA_DIR}"
Environment="HOME=${DATA_DIR}"
Environment="JAVA_TOOL_OPTIONS=-Duser.home=${DATA_DIR}"
Environment="INSTALL4J_ADD_VM_PARAMS=-Dkaraf.data=${DATA_DIR} -Dkaraf.home=${INSTALL_DIR} -Dkaraf.base=${INSTALL_DIR} -Djava.io.tmpdir=${DATA_DIR}/tmp"
ExecStart=${INSTALL_DIR}/bin/nexus start
ExecStop=${INSTALL_DIR}/bin/nexus stop
User=${NEXUS_USER}
Restart=on-abort
[Install]
WantedBy=multi-user.target
EOL
# Open firewall port for Nexus and make it permanent
echo "Configuring firewall for Nexus..."
firewall-cmd --permanent --add-port=${NEXUS_PORT}/tcp
firewall-cmd --reload
# Enable and start Nexus service
echo "Enabling and starting Nexus service..."
systemctl daemon-reload
systemctl enable nexus
systemctl start nexus
echo "Nexus installation and setup complete. Nexus is accessible on port ${NEXUS_PORT}."
remzi@fedora:~$
nexus direk erişime açmak istemediğimiz durumlarda önüne bir tane nginx koyabiliriz.
Lab ortamında sorunlar giderilmiş ve test edilmiş örnek nginx ayar dosyası aşağıdadır.
[root@nexus ~]# decomment /etc/nginx/conf.d/nexus.conf
server {
listen 443 ssl;
server_name nexus.local.lab;
client_max_body_size 10240M;
client_body_buffer_size 1024M;
client_body_temp_path /mnt/nginx_temp 1 2;
proxy_buffering off;
ssl_certificate /etc/nginx/ssl/nexus.crt;
ssl_certificate_key /etc/nginx/ssl/nexus.key;
location / {
proxy_pass http://localhost:5000; # Nexus’un HTTP portu
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 1800;
proxy_send_timeout 1800;
}
location /v2/ {
proxy_pass http://localhost:5000/v2/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_read_timeout 1800;
proxy_connect_timeout 1800;
proxy_request_buffering off;
proxy_send_timeout 1800;
}
}
server {
listen 80;
server_name nexus.local.lab;
return 301 https://$host$request_uri;
client_max_body_size 10240M;
proxy_buffering off;
}
[root@nexus ~]#
Test ortamında repoda den büyük dosyalar bulunduğundan dolayı body size 10G ayarlanmıştır.
Sizlerde büyük dosyalar yoksa bunu düşürebilirsiniz.
Hiç yorum yok:
Yorum Gönder