Sonatype Nexus Repository Manager is all-in-on registry server app. It can be deployed easily via docker, here’s my cookbook.

Deploy Sonatype Nexus Repository Manager via docker-compose

After you had docker setting up:

Let’s deploy the app with the docker official image sonatype/nexus3

docker-compose.yaml

1
2
3
4
5
6
7
8
9
10
11
12
version: "3.5"

services:
nexus:
restart: always
image: sonatype/nexus3 # using the official image
container_name: nexus3
volumes:
- "./data:/nexus-data" # store the data on host
ports:
- "8081:8081" # port for the app
- "8082:8082" # port for docker registry

Serve Sonatype Nexus Repository Manager via Nginx Reverse Proxy

Nginx config is simple and usual.

1
2
3
4
5
6
7
8
9
10
11
12
server {
server_name your.domain.com;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://<NEXUS_APP_HOST>:8081;
proxy_set_header X-Forwarded-Proto "https";
}
# other ssl configuration ...
}

At this point, you’re ready to access most of the kinds of registry in Sonatype Nexus Repository Manager, just login into the manager and get registry url from admin area, and you’re good to go.

But reverse proxying a docker registry needs some more touch.

Reverse Proxying Private Docker Registry in Sonatype Nexus Repository Manager

  • Go to docker registry’s admin area in Sonatype Nexus Repository Manager
  • Check HTTP and assign a port to it like did back in docker-compose.yaml, mine is 8082
  • Setting up Nginx configuration as below
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
server {
server_name your.docker.registry.domain.com;

client_max_body_size 20G;

## route docker registry's v2 api
location /v2/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://<NEXUS_APP_HOST>:8082;
}

## route Sonatype Nexus Repository Manager
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://<NEXUS_APP_HOST>:8081;
}

# SSL must be configured if you want to add the registry to docker daemon's registry-mirrors
}