Repository Management with Nexus

3.7. Configuring Nexus as a Service

When installing Nexus for production usage you should configure Nexus as a service, so it starts back up after server reboots. It is good practice to run that service or daemon as a specific user that has only the required access righs. The following sections provide instructions for configuring Nexus as a service or daemon on various operating systems.

3.7.1. Running as a Service on Linux

You can configure Nexus to start automatically by copying the nexus script to the /etc/init.d directory. On a Linux system perform the following operations as the root user:

  1. Create a nexus user with sufficient access rights to run the service
  2. Copy $NEXUS_HOME/bin/nexus to /etc/init.d/nexus
  3. Make the /etc/init.d/nexus script executable and owned by the root user -

    chmod 755 /etc/init.d/nexus
    chown root /etc/init.d/nexus
  4. Edit this script changing the following variables:

    1. Change NEXUS_HOME to the absolute folder location (e.g., NEXUS_HOME="/usr/local/nexus")
    2. Set the RUN_AS_USER to nexus or any other user with restricted rights that you want to use to run the service. You should not be running Nexus as root.
    3. Change PIDDIR to a directory where this user has read/write permissions. In most Linux distributions, /var/run is only writable by root. The property you need to add to customize the PID file location is wrapper.pid. For more information about this property and how it would be configured in wrapper.conf, see: http://wrapper.tanukisoftware.com/doc/english/properties.html.
  5. Change the owner and group of your Nexus-related directories, including nexus-work configured in nexus.properties defaulting to sonatype-work/nexus, to the nexus user that will run the application.
  6. If Java is not on the default path for the user running Nexus, add a JAVA_HOME variable which points to your local Java installation and add a $JAVA_HOME/bin to the PATH.
[Warning]

We recommend to avoid running Nexus as the root user or a similar privileged user, as this practice poses serious security risks to the host operating system unnecessarily. Instead we suggest to follow system administration best practice and use a service specific user with the minimum required access rights only.

Add Nexus as a Service on Red Hat, Fedora, and CentOS

This script has the appropriate chkconfig directives, so all you need to do to add Nexus as a service is run the following commands:

$ cd /etc/init.d
$ chkconfig --add nexus
$ chkconfig --levels 345 nexus on
$ service nexus start
Starting Sonatype Nexus...
$ tail -f /usr/local/nexus/logs/wrapper.log

The second command adds nexus as a service to be started and stopped with the service command. chkconfig manages the symbolic links in /etc/rc[0-6].d which control the services to be started and stopped when the operating system restarts or transitions between run-levels. The third command adds nexus to run-levels 3, 4, and 5. The service command starts Nexus, and the last command tails the wrapper.log to verify that Nexus has been started successfully. If Nexus has started successfully, you should see a message notifying you that Nexus is listening for HTTP.

Add Nexus as a Service on Ubuntu and Debian

The process for setting up Nexus as a service on Ubuntu differs slightly from the process used on a Red Hat variant. Instead of running chkconfig, you should run the following sequence of commands once you’ve configured the startup script in /etc/init.d.

$ cd /etc/init.d
$ update-rc.d nexus defaults
$ service nexus start
Starting Sonatype Nexus...
$ tail -f /usr/local/nexus/logs/wrapper.log

3.7.2. Running as a Service on Mac OS X

The standard way to run a service on Mac OS X is by using launchd, which uses plist files for configuration. An example plist file for Nexus installed in /opt is shown A sample com.sonatype.nexus.plist file.

A sample com.sonatype.nexus.plist file. 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
    "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.sonatype.nexus</string>
    <key>ProgramArguments</key>
    <array>
        <string>/opt/nexus/bin/nexus</string>
        <string>start</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

After saving the file as com.sonatype.nexus.plist in /Library/LaunchDaemons/ you have to change the ownership and access rights.

sudo chown root:wheel /Library/LaunchDaemons/com.sonatype.nexus.plist
sudo chmod 644 /Library/LaunchDaemons/com.sonatype.nexus.plist
[Tip]

Consider setting up a different user to run Nexus and adapt permissions and the RUN_AS_USER setting in the nexus startup script.

With this setup Nexus will start as a service at boot time. To manually start it after the configuration you can use

sudo launchctl load /Library/LaunchDaemons/com.sonatype.nexus.plist

3.7.3. Running as a Service on Windows

The startup script for Nexus on Windows platforms is bin/nexus.bat. Besides the standard commands for starting and stopping the service, it has the additional commands install and uninstall. Running these commands with elevated privileges will set up the service for you or remove it as desired. Once installed as a service with the install command, the batch file can be used to start and stop the service. In addition, the service will be available in the usual Windows service management console as a service named nexus.