Configurable Repository Fields

The sections below provide details on different configurations you can make when you create a new repository or open an existing repository's management view (i.e. when you select it from the list of created repositories).

Available configurations vary depending on repository type and format.

Name
The Name is the identifier that will be used in the URL for access to the repository. For example, the proxy repository for the Central Repository is named "maven-central." The Name must be unique in a given Nexus Repository instance and is required.
Format
A repository's format is the format in which Nexus Repository exposes the repository to external tools. Examples include docker, npm, go, pypi, etc.
See Formats
Type
The repository type field indicates whether this is a hosted, proxy, or group repository.
See Repository Types
URL
The URL field displays the user-facing URL for this repository. Maven and other tools can access the repository directly at that URL (e.g., http://localhost:8081/repository/maven-central).
Online Checkbox
The Online checkbox allows you to define whether or not a given repository is available to client-side tools. Check the checkbox to make the repository available; de-select the checkbox to make it unavailable.
Blob Store
The Blob store field indicates which blob store among your available blob stores this repository will use to store its binary parts.
See Storage Guide
Strict Content Type Validation
When the Strict Content Type Validation checkbox is checked, validation will check that the MIME type of all files published into the repository conforms to the allowed types for that specific repository format.
Cleanup Policies
Cleanup policies control disk space by removing unused items. Nexus Repository applies the selected cleanup policies to the repository to delete components that match the criteria. Use the arrow controls to associate one or more cleanup policies to the applied section.
See Cleanup Policies
Deployment Policy
Controls how the repository allows or disallows component deployment in hosted repositories.
- Disable redeploy (default value) - A client can only deploy a particular component once; any attempt to deploy a component again will result in an error.
- Allow redeploy - Clients can deploy components to this repository and overwrite the same component in subsequent deployments.
- Read-only - No deployment allowed.
Remote Storage
The Remote Storage field is only available for proxy repositories. This field contains the URL for the remote repository that this repository will proxy. As a best practice, avoid proxying remote repository groups as this can impact performance optimization. Instead, create multiple proxy repositories that each proxy the different hosted repositories that make up the group instead of proxying the group itself.
Use the Nexus Repository Truststore
Available for proxy repositories that use an HTTPS URL. When enabled, Nexus Repository manages the remote repository's SSL certificate. Select the View certificate button to view SSL certificate details and, optionally, add or remove the certificate from the truststore that Nexus Repository maintains.
See Outbound SSL - Trusting SSL Certificates of Remote Repositories
Blocked
The Blocked checkbox configuration is only available for proxy repositories. Check this box to prevent Nexus Repository from sending outbound requests to the remote repository.
Auto Blocking Enabled
The auto-blocking enabled field is only available for proxy repositories. When enabled, Nexus Repository automatically blocks the proxy repository if the remote repository becomes unavailable. While a proxy repository is blocked, components will still be served to clients from a local cache, but Nexus Repository will not attempt to locate a component in a remote repository. Nexus Repository periodically retests the remote repository and unblocks the proxy once the remote becomes available.
Maximum Component Age
Maximum component age is only available for proxy repositories. When the proxy receives a request for a component, it does not request a new version from the remote repository until the existing component is older than the number of minutes configured in this field.
Maximum Metadata Age
Maximum metadata age is only available for proxy repositories. Nexus Repository will only retrieve metadata updates from the remote repository after the number of minutes configured in this field. For component metadata, Nexus Repository honors whichever value between Maximum component age and Maximum metadata age is greater before rechecking.
Not Found Cache Enabled and Not Found Cache TTL
The Not found cache enabled checkbox and corresponding Not found cache TTL field are only available for proxy repositories. When the cache is enabled, Nexus Repository will cache responses for content that is not present in the proxied repository. If Nexus Repository does not locate a component, it will cache this result for however many minutes you configure in Not found cache TTL field. During this time, Nexus Repository will not perform repeated attempts to find this component. The Not found cache enabled setting is enabled by default, and the Not found cache TTL is set to 1,440 minutes (i.e., 24 hours) by default.
HTTP Authentication
The HTTP configuration section is only available for proxy repositories. In this section, you can configure access to the remote repository either via providing authentication details or connecting to a proxy server. This configuration is only necessary if it is specific to this repository.
See HTTP and HTTPS Request and Proxy Settings
In the HTTP Authentication section, select Username or Windows NTLM as the Authentication type. Then, provide the required Username and Password for plain authentication or Username, Password, Windows NTLM hostname ,and Windows NTLM domain for Windows NTLM-based authentication.
HTTP Request Settings
The HTTP request settings section is only available for proxy repositories. Changes made to HTTP request settings are applied to all HTTP requests that Nexus Repository makes to the remote repository being proxied. Enabling these settings at the repository level will override any general settings.
See HTTP and HTTPS Request and Proxy Settings
You can make the following configurations to HTTP request settings:
- User-agent customization - Enter a string to append to user-agent HTTP headers.
- Connection retries - Enter the total number of connection attempts after an initial timeout.
- Connection timeout - Set the timeout interval (in seconds) for requests.
- Enable circular redirects - Allow proxy repositories to follow redirects indicated by the remote server even if they point to an already processed URL.
- Enable cookies - Authorize using HTTP cookies sent by the remote server when processing future requests.
https://maven.oracle.com is a server that requires both Enable circular redirects and Enable cookies. When requesting data, you are redirected to a queue of different URLs; most of these are involved with authentication.
By enabling these options, you allow Nexus Repository to maintain the authentication state in a cookie that would be sent with each request, eliminating the need for authentication-related redirects and avoiding timeouts.
Proprietary Components
The Proprietary Components field is only available for hosted repositories and requires integration with Sonatype Repository Firewall. Checking this box tells Nexus Repository and Repository Firewall that components in this repository should be considered as proprietary for namespace conflict attacks. If you are unsure if your repository contains public open-source components, do not enable this feature.
See Namespace Confusion Protection
Group Member Repositories
The Group section and Member Repositories configuration are only available for group repositories. The Member Repositories selector allows you to add and remove repositories to and from the repository group. The Members column lists all of the group member repositories. The Available column lists all repositories and repository groups that you could potentially add to the group.
Add or Remove a Repository to or from a Group
To add or remove a repository to the group, either drag the repository from whichever column it is into the new column in which you want it to appear, or select the repository and use the arrows that appear between the two columns to move the repository.
Repository Order in the Group Member List
The order of the repositories listed in the Member section is important. When Nexus Repository searches for a component in a repository group, it will return the first match. To reorder a repository in this list, click and drag the repositories and groups in the Members list or use the arrow buttons between the Available and Members list.
The order of repositories or other groups in a group can be used to influence the effective metadata that will be retrieved from a repository group. It is recommended best practice to put hosted repositories higher in the list than proxy repositories. For proxy repositories, Nexus Repository may need to check the remote repository, which will incur more overhead than a hosted repository lookup.
It is also recommended to place repositories with a higher probability of matching the majority of components higher in this list for best performance. These best practices are implemented in the default configuration.

Format-Specific Configurations

Some repository formats include additional configuration options:

Apt-specific repository configurations include the following:

Distribution - This field defines the distribution (e.g., focal, bionic) of the packages in the repository. For a hosted repository, you should use the distribution from the repository properties. For a proxy repository, the distribution should be the same as in the original remote repository settings.
Flat - This checkbox is only available for proxy repositories. If the remote repository has a flat format (i.e., doesn't use a 'dists' hierarchy), check the Flat checkbox.
Signing Key and Passphrase - The Signing Key and Passphrase configurations are only available for hosted apt repositories. In these fields, enter the private GPG key and passphrase for that key in the respective boxes.
See Apt repositories

The Enable rewrite of Package URLs option is only available for proxy Bower repositories and is enabled by default. Enabling this setting means that Bower will retrieve components and their dependencies through Nexus Repository even if the original metadata has hard-coded URLs to remote repositories. Disabling this setting means that Bower proxies the information directly from the remote registry without redirecting to Nexus Repository to retrieve components. Note that Bower is not compatible with H2 or PostgreSQL databases and will only appear in OrientDB deployments.

Docker-specific repository configurations include the following:

Repository Connectors - This section is available for both proxy and hosted Docker repositories. It allows you to provide an HTTP or HTTPS connector at a specified port so that the Docker client can interact with the repository.
See SSL and Repository Connector Configuration
Docker Registry API Support - This checkbox is available for all Docker repository types. Docker client tools interact with a repository via the registry API. By default, Nexus Repository enables V2 of the registry API; however, tools will occasionally fall back to V1. Checking this checkbox allows Docker client tools to use V1 of the registry API when needed.
See Support for Docker Registry API
Docker Index - This field is only available for proxy Docker repositories. A Docker proxy repository includes a configuration URL to access the Docker Index. The index is used for requests related to searches, users, Docker tokens, etc. The same provider typically co-hosts the registry and the index; however, they can use different URLs.
See Proxy Repository for Docker
By default, this field is set to Use proxy registry (specified above), which means that Nexus Repository will attempt to retrieve index data from the remote repository specified in the Remote storage field.
If set to Use Docker Hub, Nexus Repository will send index-related requests to the Docker Hub index at https://index.docker.io/.
Selecting Custom Index allows you to specify a remote repository URL where Nexus Repository should send index-related requests.
Writable Repository - This option is only available for group Docker and npm repositories. In this field, you can enter a specific repository to which you want to route POST and PUT requests. When you push components to the group repository's URL, they will be stored in the designated writable repository.

Maven-specific repository configurations include the following:

Version Policy - This defines the type of artifacts stored in the repository. Possible options are Release, Snapshot, and Mixed.
See Maven Repository Format
Layout Policy - This policy defines whether or not to allow assets into the repository that violate the Maven default format. Options include Permissive (to allow such assets into the repository) or Strict (to require assets to follow Apache Maven conventions). As a best practice, select Strict if you are using Apache Maven, Eclipse Aether, and other strictly compatible tools.
See Maven Repository Format
Content-Disposition - This setting determines whether to display repository content within the browser or as an attachment that a user downloads. The default setting is Inline, which means that repository content will display within the browser. You can change this to Attachment to have content provided as an attachment to download.

The Writable Repository option is only available for group Docker and npm repositories. In this field, you can enter a specific repository to which you want to route POST and PUT requests. When you push components to the group repository's URL, they will be stored in the designated writable repository.

Special Note on npm Proxy Repositories

Once you create an npm proxy repository, do not change the remote server URL. Doing so may result in 404s as Nexus Repository attempts to retrieve cached data. Instead, create a new proxy repository.

NuGet-specific repository configurations include the following:

Note

Notable Compatibility Change for H2 or PostgreSQL Database Deployments

In Sonatype Nexus Repository release 3.43.0, we added compatibility with official NuGet v2 clients. The supported subset of the legacy NuGet v2 protocol is the same as that supported by Microsoft's NuGet Gallery, nuget.org. Use cases that rely on the deprecated parts of the v2 API are not supported, including many common Chocolatey use cases and some custom OData queries.

Protocol version - The Protocol version field is only available for proxy NuGet repositories. Select whether to use NuGet protocol version 2 or version 3.
Metadata query cache age - The Metadata query cache age configuration is only available for proxy NuGet repositories. This parameter defines how long (in seconds) query results are cached in the proxied repository. To avoid sending identical queries to the remote repository, Nexus Repository caches the queries and will rely on previously stored metadata if the same query is received again before the cache expires.

Cargo proxy and group repositories include an Authentication Requirements configuration to restrict repository content to authenticated users.

Cargo clients rely on a specific signal in the config.json file to determine authentication requirements, which could lead to unexpected behavior when anonymous access is enabled in Nexus Repository but restricted by the individual Cargo repository.

When creating proxy or group Cargo repositories, use the Restrict repository content to authenticated users checkbox to set auth-required in /config.json responses and ignore anonymous access configuration.

Yum-specific repository configurations include the following:

Repodata Depth - The Repodata Depth field is only available for hosted repositories. This configuration determines the level at which to create the repodata metadata folder and the expected minimum folder depth at which the RPMs can exist to match. Nexus Repository will reject RPMs with less depth.
See Yum Repositories
Layout Policy - The Layout Policy field is only available for hosted Yum repositories and defaults to a Strict setting. The layout policy defines whether or not to allow users to upload assets that are not Yum-specific. Options include Permissive (to allow any file type into the repository) or Strict (to limit uploads to Yum-specific files like RPMs, and comps.xml).
See Yum Repositories
Signing Key and Passphrase - The Signing Key and Passphrase configurations are only available for proxy and group Yum repositories. In these fields, enter the private GPG key and passphrase for that key in the respective boxes.
See GPG Signatures for the Yum

Configurable Repository Fields

Name

Format

Type

URL

Online Checkbox

Blob Store

Strict Content Type Validation

Cleanup Policies

Deployment Policy

Remote Storage

Use the Nexus Repository Truststore

Blocked

Auto Blocking Enabled

Maximum Component Age

Maximum Metadata Age

Not Found Cache Enabled and Not Found Cache TTL

HTTP Authentication

HTTP Request Settings

Proprietary Components

Group Member Repositories

Add or Remove a Repository to or from a Group

Repository Order in the Group Member List

Format-Specific Configurations

Search results