Skip to main content

Customizing Server Configuration in Nexus Repository 2

Nexus Repository 2

You can access global configuration by clicking on Server under Administration in the left-hand main menu. The server configuration screens' subsections are documented in the following sections.

SMTP Settings

Nexus Repository Manager sends email to users who need to recover user names and passwords, notifications for staging and a number of other uses. In order for these notifications to work, configure the SMTP server settings in this dialog.

You can configure the Hostname and Port of the SMTP server to use as well as Username and Password. The Connection configuration allows you to configure Nexus Repository Manager to use plain or secure SMTP to connect to the server or to use STARTTLS for the connection, which would upgrade the initially established, plain connection to be encrypted. In all cases you will need to ensure that the correct port is used.

The System Email parameter defines the email address used in the From: header of an email sent by the repository manager. Typically, this would be configured as a "Do-Not-Reply" email address or a mailbox or mailing list monitored by the administrators of the server.

Once you have configured the parameters you can use the Test SMTP settings button to confirm the configured parameters and the successful connection to the server. You will be asked to provide an email address that should receive a test email message. Successful sending will be confirmed in another pop up message.

5410457.png

Figure 6.1. Administration SMTP Settings

HTTP Request Settings

The HTTP Request Settings allow you to configure the identifier that the repository manager uses when it is making an HTTP request. You may want to change this if it needs to use an HTTP Proxy and the Proxy will only work if the User Agent is set to a specific value.

You can also add extra parameters to place on a GET request to a remote repository. You could use this to add identifying information to requests.

The amount of time the repository manager will wait for a request to succeed when interacting with an external, remote repository can be configured with the Request Timeout and Request Retry Attempts settings.

5410456.png

Figure 6.2. Administration HTTP Request Settings

Security Settings

The security settings displayed in Figure 6.3, “Administration Security Settings” allow you to activate and prioritize security realms by adding them to the Selected Realms list on the left and placing them higher or lower on the list.

5410455.png

Figure 6.3. Administration Security Settings

Effectively, this configuration determines what authentication realm is used to grant a user access and the order the realms are used.

Xml Authenticating and Xml Authorizing Realm

These identify the internal storage of the repository manager. It is using XML files for storing the security details.

(Enterprise) LDAP Authentication Realm

This realm identifies external storage in an LDAP system with details documented in LDAP Integration

Crowd Realm

This realm identifies external storage in an Atlassian Crowd system with details documented in Atlassian Crowd Support

Rut Auth Realm

This realm is external authentication in any system with the user authorization passed to the repository manager in a HTTP header field with details documented in Authentication via Remote User Token

The User Token Realm is required for user token support documented in Security Setup with User Tokens and the NuGet API-Key Realm is needed for NuGet support documented in .NET Package Repositories with NuGet.

In addition, you can enable or disable anonymous access and set the username and password for anonymous access. The anonymous username and password are used to integrate with other realms that may need a special username for anonymous access. In other words, the username and password here are what we attempt to authorize when someone makes an anonymous request. You would change the anonymous username to guest if you wanted to integrate the repository manager with Microsoft’s Active Directory.

Application Server Settings

You can change the Base URL for your repository manager installation, which is used when generating links in emails and RSS feeds. For example, the Nexus Repository Manager Pro instance for Sonatype development is at https://repository.sonatype.org , and it makes use of this Base URL field to ensure that links in emails and RSS feeds point back to the correct public URL. Internally Nexus Repository Manager Pro is running on a different port and context than the public port 80 and root context.

Warning

Do not enable Force Base URL unless explicitly advised by Sonatype - enabling this will most likely cause your repository manager to not work properly through a reverse proxy. The original use case for forcing base URL is no longer valid.

5410454.png

Figure 6.4. Administration Application Server Settings

These settings are especially important if the repository manager is proxied by an external proxy server using a different protocol like HTTPS rather than plain HTTP known to it or a different hostname like repository.somecompany.com instead of an IP number only.

Default HTTP and HTTPS Proxy Settings

If your repository manager instance needs to reach public repositories like the Central Repository via a proxy server, you can configure the connection to a proxy server for HTTP and a potentially a different for HTTPS connection. If you do not configure a proxy for HTTPS, the HTTP proxy server settings will be used.

You can specify Proxy Host and Proxy Port and, optionally, the authentication details for username, password, NT LAN Host and NT LAN Manager Domain. In addition, you can configure a number of hosts that can be reached directly and do not need to go through the proxy in the Non Proxy Host setting. Figure 6.5, “Administration Default HTTP Proxy Settings” shows the Default HTTP Proxy Settings administration interface. The HTTPS configuration interface looks the same and is found below the HTTP configuration.

5410453.png

Figure 6.5. Administration Default HTTP Proxy Settings

Note

This is a critical initial step for many Enterprise deployments of a repository manager, since these environments are typically secured via a HTTP/HTTPS proxy server for all outgoing internet traffic.

System Notification Settings

When you proxy remote repositories that are not available all the time, the repository manager will automatically block and unblock them during downtimes. The System Notification Settings allows you define Email Addresses and roles for users that should receive notifications messages for these blocking and unblocking events.

5410452.png

Figure 6.6. Administration System Notification Settings

PGP Key Server Information

Nexus Repository Manager uses a PGP Key Server to retrieve PGP keys when validating component signatures. To add a new key server, enter the URL in the Key Server URL field and click on the Add button. To remove a key server, click on the URL you wish to remove from the list and click on the Remove button. Key servers are consulted in the order that they are listed in the Key Server URLs list. To reorder your key servers, click and drag a URL in the Key Server URLs list.

5410451.png

Figure 6.7. Administration PGP Key Server Information

New Version Availability

Nexus Repository Manager can notify you about the availability of new versions via the user interface. To enable this feature, check the Enable checkbox in the New Version Availability section of the server settings as shown in Figure 6.8, “Administration New Version Availability”.

5410450.png

Figure 6.8. Administration New Version Availability