Sonatype Nexus is one of the best repository managers out there. It is some tool that you cannot avoid in your CI/CD pipeline. It effectively manages deployable artifacts.
This article guides you to install and configure Sonatype Nexus 3 in a secure way on a Ubuntu Linux System.
Install Java
apt-get update
apt install openjdk-8-jre-headless
Download Nexus
cd /opt
wget https://sonatype-download.global.ssl.fastly.net/repository/repositoryManager/3/nexus-3.16.1-02-unix.tar.gz
tar -zxvf nexus-3.16.1-02-unix.tar.gz
mv /opt/nexus-3.16.1-02 /opt/nexus
As a good security practice, it is not advised to run nexus service as root. so create a new user called nexus and grant sudo access to manage nexus services
sudo adduser nexus
Set no password for nexus user and enter below command to edit sudo file
visudo
Add the below line and Save.
nexus ALL=(ALL) NOPASSWD: ALL
Change file and owner permission for nexus files
sudo chown -R nexus:nexus /opt/nexus
sudo chown -R nexus:nexus /opt/sonatype-work
Add nexus as a service at boot time
Open /opt/nexus/bin/nexus.rc file, uncomment run_as_user parameter and set it as following.
vim /opt/nexus/bin/nexus.rc
run_as_user="nexus" (file shold have only this line)
Add nexus as a service at boot time
sudo ln -s /opt/nexus/bin/nexus /etc/init.d/nexus
Log in as a nexus user and start service
su - nexus
/etc/init.d/nexus start
Now, log in nexus server from a browser on port 8081
http://<Nexus_server>:8081
Use default credentials to log in
username: admin
password: admin123