Nexus ships with some default passwords and settings for repository indexing that need to be changed for your installation to be useful (and secure). After installing and running Nexus, you need to make sure that you complete the following tasks:
The administrative password defaults to admin123. The first thing you should do to your new Nexus installation is change this password. To change the administrative password, login as admin with the password admin123, and click on Change Password under the Security menu in the left-hand side of the browser window. For more detailed instructions, see Section 5.16, “Working with Your User Profile”.
Nexus can send username and password recovery emails. To enable this feature, you will need to configure Nexus with a SMTP Host and Port as well as any necessary authentication parameters that Nexus needs to connect to the mail server. To configure the SMTP settings, follow the instructions in Section 6.1.1, “SMTP Settings”.
In many deployments the internet, and therefore any remote repositories that Nexus needs to proxy, can only be reached via a HTTP and HTTPS proxy server internal to the deployment company. In these cases the connection details to that proxy server need to be configured in Nexus, as documented in Section 6.1.5, “Default HTTP and HTTPS Proxy Settings” in order for Nexus to be able to proxy remote repositories at all.
Nexus ships with three important proxy repositories for the Maven Central repository, Apache Snapshot repository, and the Codehaus Snapshot repository. Each of these repositories contains thousands (or tens of thousands) of components and it would be impractical to download the entire contents of each. To that end, most repositories maintain an index which catalogues the entire contents and provides for fast and efficient searching. Nexus uses these remote indexes to search for components, but we’ve disabled the index download as a default setting. To download remote indexes:
- Click on Repositories under the Views/Repositories menu in the left-hand side of the browser window.
- Select each of the three proxy repositories and change Download Remote Indexes to true in the Configuration tab. You’ll need to load the dialog shown in Figure 6.9, “Repository Configuration Screen for a Proxy Repository” for each of the three repositories.
This will trigger Nexus to re-index these repositories, during which the remote index files will be downloaded. It might take Nexus a few minutes to download the entire index, but once you have it, you’ll be able to search the entire contents of the Maven repository.
Once you’ve enabled remote index downloads, you still will not be able to browse the complete contents of a remote repository. Downloading the remote index allows you to search for components in a repository, but until you download those components from the remote repository they will not show in the repository tree when you are browsing a repository. When browsing a repository, you will only be shown components which have been downloaded from the remote repository.
The deployment user’s password defaults to deployment123. Change this password to make sure that only authorized developers can deploy components to your Nexus installation. To change the deployment password, log in as an administrator. Click on Security to expand the security menu. When the menu appears, click on Users. A list of users will appear. At that point, right-click on the user named Deployment and select Set Password.
If your Nexus instance needs to store configuration and data using an
international character set, you should set the
variable. The Java Runtime will adapt to the value of the
environment variable and ensure that configuration data is saved using
the appropriate character type. If you are starting Nexus as a
service, place this environment variable in the startup script found
A route defines patterns used to define and identify the repositories in which the components are searched for. Typically, internal components are not available in the Central Repository or any other external, public repository. A route, as documented in Section 6.4, “Managing Routing”, should be configured so that any requests for internal components do not leak to external repositories.