Deploy A Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager is all-in-on registry server app. It can be deployed easily via docker, here's my cookbook.

Deploy Sonatype Nexus Repository Manager via docker-compose

After you had docker setting up:

• install docker-ce
• install docker-compose

Let's deploy the app with the docker official image sonatype/nexus3

docker-compose.yaml

version: "3.5"

services:
  nexus:
    restart: always
    image: sonatype/nexus3 # using the official image
    container_name: nexus3
    volumes:
     - "./data:/nexus-data" # store the data on host
    ports:
     - "8081:8081" # port for the app
     - "8082:8082" # port for docker registry

Serve Sonatype Nexus Repository Manager via Nginx Reverse Proxy

Nginx config is simple and usual.

server {
    server_name your.domain.com;
    location / {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://<NEXUS_APP_HOST>:8081;
        proxy_set_header X-Forwarded-Proto "https";
    }
    # other ssl configuration ... 
}

At this point, you're ready to access most of the kinds of registry in Sonatype Nexus Repository Manager, just login into the manager and get registry url from admin area, and you're good to go.

But reverse proxying a docker registry needs some more touch.

Reverse Proxying Private Docker Registry in Sonatype Nexus Repository Manager

• Go to docker registry's admin area in Sonatype Nexus Repository Manager
• Check HTTP and assign a port to it like did back in docker-compose.yaml, mine is 8082
• Setting up Nginx configuration as below

server {
    server_name your.docker.registry.domain.com;

    client_max_body_size 20G;

    ## route docker registry's v2 api
    location /v2/ {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto "https";
        proxy_pass http://<NEXUS_APP_HOST>:8082;
    }

    ## route Sonatype Nexus Repository Manager
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto "https";
        proxy_pass http://<NEXUS_APP_HOST>:8081;
    }

    # SSL must be configured if you want to add the registry to docker daemon's registry-mirrors
}