Repository Management with Nexus
3.6. Post-Install Checklist
Nexus ships with some default passwords and settings for repository indexing that need to be changed for your installation to be useful (and secure). After installing and running Nexus, you need to make sure that you complete the following tasks:
The administrative password defaults to admin123. The first thing you should do to your new Nexus installation is change this password. To change the administrative password login as "admin" with the password "admin123", and click on Change Password under the Security menu in the left-hand side of the browser window. For more detailed instructions, see Section 5.8, “Working with Your User Profile”.
Nexus can send user-name and password recovery emails, to enable this feature, you will need to configure Nexus with a SMTP Host and Port as well as any necessary authentication parameters that Nexus needs to connect to the mail server. To configure the SMTP settings following the instructions in Section 6.1.1, “SMTP Settings”.
In many deployments the internet, and therefore any remote repositories that Nexus needs to proxy, can only be reached via a HTTP proxy server internal to the deployment company. In these cases the connection details to that proxy server need to be configured in Nexus, as documented in Section 6.1.6, “Default HTTP Proxy Settings” in order for Nexus to be able to proxy remote repositories at all.
Nexus ships with three important proxy repositories for the Maven Central repository, Apache Snapshot repository, and the Codehaus Snapshot repository. Each of these repositories contains thousands (or tens of thousands) of artifacts and it would be impractical to download the entire contents of each. To that end, most repositories maintain an index which catalogues the entire contents and provides for fast and efficient searching. Nexus uses these remote indexes to search for artifacts, but we’ve disabled the index download as a default setting. To download remote indexes:
- Click on Repositories under the VIews/Repositories menu in the left-hand side of the browser window.
- Select each of the three proxy repositories and change Download Remote Indexes to true in the Configuration tab. You’ll need to load the dialog shown in Figure 6.13, “Repository Configuration Screen for a Proxy Repository” for each of the three repositories.
This will trigger Nexus to re-index these repositories, during which the remote index files will be downloaded. It might take Nexus a few minutes to download the entire index, but once you have it, you’ll be able to search the entire contents of the Maven repository.
Once you’ve enabled remote index downloads, you still will not be able to browse the complete contents of a remote repository. Downloading the remote index allows you to search for artifacts in a repository, but until you download those artifacts from the remote repository they will not show in the repository tree when you are browsing a repository. When browsing a repository, you will only be shown artifacts which have been downloaded from the remote repository.
The deployment user’s password defaults to deployment123. Change this password to make sure that only authorized developers can deploy artifacts to your Nexus installation. To change the deployment password: log in as an administrator, click on Security to expand the Security menu, then click on Users. You should then see a list of users. Right-click on the deployment user and select "Set Password".
If your Nexus instance needs to store configuration and data using an international character set, you should set the LANG environment variable. The Java Runtime will adapt to the value of the LANG environment variable and ensure that configuration data is saved using the appropriate character type. If you are starting Nexus as a service, place this environment variable in the start-up script found in /etc/init.d/nexus. For more information about locale settings in Ubuntu read https://help.ubuntu.com/community/Locale
A route defines patterns used to define in which repositories artifacts are searched for. Typically internal artifacts are not available in e.g. the Central Repository. A route as documented in Section 6.4, “Managing Routing”should be configured so that any requests for internal artifacts do not leak to external repositories.