Repository Management with Nexus
You can access global Nexus configuration by clicking on Server under Administration in the left-hand Nexus menu. The server configuration screens subsections are documented in the following.
Nexus sends email to users who need to recover user names and password, notifications for staging and a number of other uses. In order for these notifications to work, you need to configure the SMTP server settings in this dialog.
You can configure the Hostname and Port of the SMTP server to use as well as Username and Password. The Connection configuration allows you to configure Nexus to use plain or secure SMTP to connect to the server or to use STARTTLS for the connection, which would upgrade the initially established, plain connection to be encrypted. In all cases you will need to ensure that the correct port is used.
The System Email parameter defines the email address used in the
From: header of an email sent by Nexus. Typically this would be
configured as a "Do-Not-Reply" email address or a mailbox or mailing
list monitored by the administrators of the Nexus server.
Once you have configured the parameters you can use the Test SMTP settings button to confirm the configured parameters and the successful connection to the server. You will be asked to provide an email address that should receive a test email message and successful sending will be confirmed in another pop up message.
The HTTP Request Settings allow you to configure the identifier which Nexus uses when it is making an HTTP request. You may want to change this if Nexus needs to use an HTTP Proxy, and the Proxy will only work if the User Agent is set to a specific value.
You can also add extra parameters to place on a GET request to a remote repository. You could use this to add identifying information to requests.
The amount of time Nexus will wait for a request to succeed when interacting with an external, remote repository can be configured with the Request Timeout and Request Retry Attempts settings.
The security settings displayed in Figure 6.3, “Administration Security Settings” allow you to activate and prioritize security realms by adding them to the Selected Realms list on the left and placing them higher or lower on the list.
Effectively this configuration determines what authentication realm is used to grant a user access and the order the realms are used.
- Xml Authenticating and Xml Authorizing Realm
- the Nexus internal storage
- (Enterprise) LDAP Authentication Realm
- external storage in an LDAP system with details documented in Chapter 8, Nexus LDAP Integration
- Crowd Realm
- external storage in Atlassian Crowd system with details documented in Chapter 9, Atlassian Crowd Support
- Rut Auth Realm
- external authentication in any system with the user authorization passed to Nexus in a HTTP header field with details documented in Section 6.18, “Authentication via Remote User Token”.
The User Token Realm is required for user token support documented in Section 6.17, “Security Setup with User Tokens” and the NuGet API-Key Realm is needed for NuGet support documented in Chapter 17, .NET Package Repositories.
In addition you can enable or disable anonymous access, and set the username and password for anonymous access. The anonymous username and password is used to integrate with other realms that may need a special username for anonymous access. In other words, the username and password here is what we attempt to authorize when someone makes an anonymous request. You would change the anonymous username to "guest" if you wanted to integrate Nexus with Microsoft’s Active Directory.
This section allows you to change the Base URL for your Nexus installation. It is used when generating links in emails and RSS feeds. The Sonatype Nexus repository is available on http://respository.sonatype.org, and it makes use of this Base URL field to ensure that links in emails and RSS feeds point to the correct URL. If you are hosting Nexus behind a proxy server and you want to make sure that Nexus always uses the specified Base URL, check the "Force Base URL" checkbox. If the Force Base URL is not checked, Nexus will craft URLs in HTTP responses based on the request URL, but it will use the Base URL when it is generating emails.
This settings are especially important if Nexus is proxied by an external proxy server using a different protocol like https rather than plain http known to Nexus or a different hostname like repository.somecompany.com instead of an IP number only.
If your Nexus instance needs to reach public repositories like the Central Repository via a proxy server, you can configure the connection to a proxy server for HTTP and a potentially a different for HTTPS connection. If you do not configure a proxy for HTTPS, the HTTP proxy server settings will be used.
You can specify proxy host and proxy port and optionally the authentication details for username, password, NT LAN Host and NT LAN Manager Domain. In addition you can configure a number of hosts that should can be reached directly and do not need to go through the proxy in the Non Proxy Host setting. Figure 6.5, “Administration Default HTTP Proxy Settings” shows the Default HTTP Proxy Settings administration interface. The HTTPS configuration interface looks the same and is found below the HTTP configuration.
This is a critical, initial step for Nexus deployment in many enterprise deployments of Nexus, since these environments are typically secured via a HTTP/HTTPS proxy server for all outgoing internet traffic.
When you proxy remote repositories that are not available all the time, Nexus will automatically block and unblock them during downtimes. The System Notification Settings allows you define Email Adresses and roles for Nexus users that should receive notifications messages for these blocking and unblocking events.
Nexus Professional uses a PGP Key Server to retrieve PGP keys when validating artifact signatures. To add a new Key Server URL, enter the URL in the Key Server URL field and click on the Add button. To remove a Key Server URL, click on the URL you wish to remove from the list and click on the Remove button. Key Servers are consulted in the order that they are listed in the Key Server URLs list, to reorder your Key Server URLs, click and drag a URL in the Key Server URLs list.
Nexus can notify you of new versions of Nexus via the Nexus interface. To enable this feature, check the Enable checkbox in the New Version Notification section of the Nexus server settings as shown in Figure 6.8, “Administration New Version Availability”.