Repository Management with Nexus
You can access global Nexus configuration by clicking on Server under Administration in the left-hand Nexus menu. The server configuration screens' subsections are documented in the following sections..
Nexus sends email to users who need to recover user names and passwords, notifications for staging and a number of other uses. In order for these notifications to work, configure the SMTP server settings in this dialog.
You can configure the Hostname and Port of the SMTP server to use as well as Username and Password. The Connection configuration allows you to configure Nexus to use plain or secure SMTP to connect to the server or to use STARTTLS for the connection, which would upgrade the initially established, plain connection to be encrypted. In all cases you will need to ensure that the correct port is used.
The System Email parameter defines the email address used in the
From: header of an email sent by Nexus. Typically, this would be
configured as a "Do-Not-Reply" email address or a mailbox or mailing
list monitored by the administrators of the Nexus server.
Once you have configured the parameters you can use the Test SMTP settings button to confirm the configured parameters and the successful connection to the server. You will be asked to provide an email address that should receive a test email message. Successful sending will be confirmed in another pop up message.
The HTTP Request Settings allow you to configure the identifier that Nexus uses when it is making an HTTP request. You may want to change this if Nexus needs to use an HTTP Proxy, and the Proxy will only work if the User Agent is set to a specific value.
You can also add extra parameters to place on a GET request to a remote repository. You could use this to add identifying information to requests.
The amount of time Nexus will wait for a request to succeed when interacting with an external, remote repository can be configured with the Request Timeout and Request Retry Attempts settings.
The security settings displayed in Figure 6.3, “Administration Security Settings” allow you to activate and prioritize security realms by adding them to the Selected Realms list on the left and placing them higher or lower on the list.
Effectively, this configuration determines what authentication realm is used to grant a user access and the order the realms are used.
- Xml Authenticating and Xml Authorizing Realm
- These identify the Nexus internal storage uses XML files for storing the security details.
- (Enterprise) LDAP Authentication Realm
- This realm identifies external storage in an LDAP system with details documented in Chapter 8, Nexus LDAP Integration.
- Crowd Realm
- This realm identifies external storage in an Atlassian Crowd system with details documented in Chapter 9, Atlassian Crowd Support.
- Rut Auth Realm
- This realm is external authentication in any system with the user authorization passed to Nexus in a HTTP header field with details documented in Section 6.18, “Authentication via Remote User Token”.
The User Token Realm is required for user token support documented in Section 6.17, “Security Setup with User Tokens” and the NuGet API-Key Realm is needed for NuGet support documented in Chapter 16, .NET Package Repositories.
In addition, you can enable or disable anonymous access and set the
username and password for anonymous access. The anonymous username and
password are used to integrate with other realms that may need a
special username for anonymous access. In other words, the username
and password here are what we attempt to authorize when someone makes
an anonymous request. You would change the anonymous username to
guest if you wanted to integrate Nexus with Microsoft’s Active
You can change the Base URL for your Nexus installation, which is used when generating links in emails and RSS feeds.For example, the Nexus instance for Sonatype development is available at http://respository.sonatype.org, and it makes use of this Base URL field to ensure that links in emails and RSS feeds point to the correct URL. Internally Nexus is running on a different port and context than the public port 80 and root context.
If you are hosting Nexus behind a proxy server and you want to make sure that Nexus always uses the specified Base URL, check the Force Base URL checkbox. If the Force Base URL is not checked, Nexus will craft URLs in HTTP responses based on the request URL, but it will use the Base URL when it is generating emails.
These settings are especially important if Nexus is proxied by an external proxy server using a different protocol like HTTPS rather than plain HTTP known to Nexus or a different hostname like repository.somecompany.com instead of an IP number only.
If your Nexus instance needs to reach public repositories like the Central Repository via a proxy server, you can configure the connection to a proxy server for HTTP and a potentially a different for HTTPS connection. If you do not configure a proxy for HTTPS, the HTTP proxy server settings will be used.
You can specify Proxy Host and Proxy Port and, optionally, the authentication details for username, password, NT LAN Host and NT LAN Manager Domain. In addition, you can configure a number of hosts that can be reached directly and do not need to go through the proxy in the Non Proxy Host setting. Figure 6.5, “Administration Default HTTP Proxy Settings” shows the Default HTTP Proxy Settings administration interface. The HTTPS configuration interface looks the same and is found below the HTTP configuration.
This is a critical initial step for many Enterprise deployments of Nexus deployment, since these environments are typically secured via a HTTP/HTTPS proxy server for all outgoing internet traffic.
When you proxy remote repositories that are not available all the time, Nexus will automatically block and unblock them during downtimes. The System Notification Settings allows you define Email Adresses and roles for Nexus users that should receive notifications messages for these blocking and unblocking events.
Nexus Professional uses a PGP Key Server to retrieve PGP keys when validating artifact signatures. To add a new key server, enter the URL in the Key Server URL field and click on the Add button. To remove a key server, click on the URL you wish to remove from the list and click on the Remove button. Key servers are consulted in the order that they are listed in the Key Server URLs list. To reorder your key servers, click and drag a URL in the Key Server URLs list.
Nexus can notify you of new versions of Nexus via the Nexus interface. To enable this feature, check the Enable checkbox in the New Version Availability section of the Nexus server settings as shown in Figure 6.8, “Administration New Version Availability”.