{"id":10803,"date":"2021-10-25T22:02:37","date_gmt":"2021-10-25T19:02:37","guid":{"rendered":"https:\/\/kifarunix.com\/?p=10803"},"modified":"2024-03-18T13:25:49","modified_gmt":"2024-03-18T10:25:49","slug":"run-nexus-repository-behind-nginx-reverse-proxy","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/run-nexus-repository-behind-nginx-reverse-proxy\/","title":{"rendered":"Run Nexus Repository Behind Nginx Reverse Proxy"},"content":{"rendered":"\n

In this tutorial, you will learn how to run Nexus repository behind Nginx reverse proxy<\/a>. Nginx can be configure to proxy HTTP requests. In this setup, Nginx receives requests and passes it onto specified proxied server, fetches the response, and sends it back to the client<\/em>.<\/p>\n\n\n\n

In our previous article, we learnt how to install Nexus repository;<\/p>\n\n\n\n

Install Nexus Repository Manager on Debian 11<\/a><\/p>\n\n\n\n

Install Nexus Repository Manager on Ubuntu 20.04<\/a><\/p>\n\n\n\n

Install Nexus Repository Manager on Debian 10<\/a><\/p>\n\n\n\n

Running Nexus Repository Behind Nginx Reverse Proxy<\/h2>\n\n\n\n

In all the above tutorials, Nexus port 8081 is exposed to the external networks as can be seen on Nexus URL, http:\/\/server-IP:8081<\/code><\/strong>.<\/p>\n\n\n\n

When you run Nexus repository behind a reverse proxy, you can access it without having to specify its port on the URL.<\/p>\n\n\n\n

Bind Nexus Repository to Localhost Interface<\/h3>\n\n\n\n

NOTE: if your Nexus instance is already listening on a loopback address, then skip this step.<\/p>\n\n\n\n

When you check, by default, at least in the guides above, Nexus is not bound to specific interface on a server on which it is running and hence listens on all interfaces on port 8081.<\/p>\n\n\n\n

ss -altnp | grep 8081<\/code><\/pre>\n\n\n\n
LISTEN 0      50           0.0.0.0:8081       0.0.0.0:*    users:((\"java\",pid=663,fd=691))<\/code><\/pre>\n\n\n\n
Before you can proceed to run Nexus repository manager behind Nginx reverse proxy, first configure Nexus to bind it to a loopback interface, 127.0.0.1<\/code><\/strong>.<\/p>\n\n\n\n
As shown by the ss<\/strong><\/code> command output above, Nexus listens on all interfaces on port 8081\/tcp.<\/p>\n\n\n\n
grep application- \/opt\/nexus\/etc\/nexus-default.properties<\/code><\/pre>\n\n\n\n
application-port=8081\napplication-host=0.0.0.0<\/strong><\/code><\/pre>\n\n\n\n
To bind Nexus to localhost interface, replace the 0.0.0.0 address in the configuration file above with the specific server loopback IP address;<\/p>\n\n\n\n
sed -i 's\/0.0.0.0\/127.0.0.1\/' \/opt\/nexus\/etc\/nexus-default.properties<\/code><\/pre>\n\n\n\n
Once you have made the changes, restart Nexus;<\/p>\n\n\n\n
systemctl restart nexus<\/code><\/pre>\n\n\n\n
Once Nexus starts, you can confirm the address it is bind to again;<\/p>\n\n\n\n
ss -altnp | grep 8081<\/code><\/pre>\n\n\n\n
Sample output;<\/p>\n\n\n\n
LISTEN 0      50         127.0.0.1:8081       0.0.0.0:*    users:((\"java\",pid=2711,fd=699))<\/code><\/pre>\n\n\n\n
Install Nginx Web Server<\/h3>\n\n\n\n
Next, install Nginx Web server;<\/p>\n\n\n\n
apt install nginx -y<\/code><\/pre>\n\n\n\n
Run Nexus Repository Manager Behind Nginx Reverse Proxy<\/h3>\n\n\n\n
Once Nginx Web server is installed, create Nexus site.<\/p>\n\n\n\n
Any requests that comes to this site will be forward to the Nexus repository running on the same host and listening on loopback interface.<\/p>\n\n\n\n
Create Nginx Nexus Site Configuration<\/h4>\n\n\n\n
To create the Nexus site configuration, \/etc\/nginx\/sites-available\/nexus<\/code>, you can simply copy and paste the content below on the terminal.<\/p>\n\n\n\n
Replace the names of the site accordingly.<\/strong><\/p>\n\n\n\n
\ncat > \/etc\/nginx\/sites-available\/nexus << 'EOL'\n  server {\n    listen   *:80 default_server;\n    server_name  nexus.kifarunix-demo.com;\n    access_log \/var\/log\/nginx\/nexus.access.log;\n    error_log \/var\/log\/nginx\/nexus.error.log;\n\n    location \/ {\n      proxy_pass http:\/\/127.0.0.1:8081\/;\n      proxy_set_header Host $host;\n      proxy_set_header X-Real-IP $remote_addr;\n      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n      proxy_buffering    off;\n      proxy_request_buffering off;\n      keepalive_timeout  5 5;\n      tcp_nodelay        on;\n      proxy_connect_timeout 90;\n      proxy_send_timeout 120;\n      proxy_read_timeout 300;\n      client_max_body_size 10m;\n    }\n  }\nEOL\n<\/code><\/pre>\n\n\n\n
Verify Nginx Syntax;<\/p>\n\n\n\n
nginx -t<\/code><\/pre>\n\n\n\n
If the output is, similar to below;<\/p>\n\n\n\n
nginx: the configuration file \/etc\/nginx\/nginx.conf syntax is ok\nnginx: configuration file \/etc\/nginx\/nginx.conf test is successful<\/code><\/pre>\n\n\n\n
then you are good to proceed. Otherwise fix any errors before you can proceed.<\/p>\n\n\n\n
Disable default Nginx site;<\/p>\n\n\n\n
unlink \/etc\/nginx\/sites-enabled\/default\nrm \/etc\/nginx\/sites-available\/default<\/code><\/pre>\n\n\n\n
Enable Nginx Nexus site;<\/p>\n\n\n\n
ln -s \/etc\/nginx\/sites-available\/nexus \/etc\/nginx\/sites-enabled\/<\/code><\/pre>\n\n\n\n
Restart Nginx;<\/p>\n\n\n\n
systemctl restart nginx<\/code><\/pre>\n\n\n\n
Accessing Nexus running behind Nginx Proxy<\/h3>\n\n\n\n
You can now access your Nexus without specifying the port on the url.<\/p>\n\n\n\n
\"Run<\/figure>\n\n\n\n
<\/a><\/p>\n\n\n\n
And that is how easy it is to run Nexus repository manager behind Nginx reverse proxy.<\/p>\n\n\n\n
Reference<\/p>\n\n\n\n
Nexus Reverse Proxy<\/a><\/p>\n\n\n\n
Other tutorials<\/h3>\n\n\n\n
Run Nexus Repository Manager Behind Apache Reverse Proxy<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
In this tutorial, you will learn how to run Nexus repository behind Nginx reverse proxy. Nginx can be configure to proxy HTTP requests. In this<\/p>\n","protected":false},"author":3,"featured_media":10799,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[121],"tags":[3152,4234,4232,229,916,4233,4231],"class_list":["post-10803","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-howtos","tag-nexus","tag-nexus-repository-reverse-proxy","tag-nexus-reverse-proxy","tag-nginx","tag-nginx-reverse-proxy","tag-reverse-proxy","tag-run-nexus-behind-nginx-reverse-proxy","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10803"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=10803"}],"version-history":[{"count":4,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10803\/revisions"}],"predecessor-version":[{"id":21624,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10803\/revisions\/21624"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/10799"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=10803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=10803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=10803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}