Nexus Repository Manager Pro and Nexus Repository Manager OSS ship with some default passwords and settings for repository indexing that need to be changed for your installation to be useful (and secure). After installing and running the repository manager, you need to make sure that you complete the following tasks:
Step 1: Change the Administrative Password and Email Address
The administrative password defaults to admin123. The first thing you should do to your new installation is change this password. To change the administrative password, login as admin with the password admin123, and click on Change Password under the Security menu in the left-hand side of the browser window. For more detailed instructions, see Working with Your User Profile.
Step 2: Configure the SMTP Settings
The repository manager can send username and password recovery emails. To enable this feature, you will need to configure a SMTP Host and Port as well as any necessary authentication parameters that the repository manager needs to connect to the mail server. To configure the SMTP settings, follow the instructions in SMTP Settings.
Step 3: Configure Default HTTP and HTTPS Proxy Settings
In many deployments the internet, and therefore any remote repositories that the repository manager needs to proxy, can only be reached via a HTTP or HTTPS proxy server internal to the deployment company. In these cases the connection details to that proxy server need to be configured, as documented in Default HTTP and HTTPS Proxy Settings in order for the repository manager to be able to proxy remote repositories at all.
Step 4: Set an Injectable Master Password for Reversible Encryption
Nexus Repository uses reversible encryption to protect some sensitive information such as authentication credentials to external services. We recommend providing a non-default passphrase to perform this encryption.
To do this, modify the
$NEXUS_HOME/conf/nexus.properties file to add a
nexus.security.masterPhraseFile property. Set this property to point to a file containing the secret to use for reversible encryption.
This modification can only be made once. You can perform this step at any time, but you can only do it once. You will not be able to update the secret a second time.
Step 5: Enable Remote Index Downloads
Nexus Repository Manager Pro and Nexus Repository Manager OSS ship with two important proxy repositories for the Maven Central repository and the Apache Snapshot repository. Each of these repositories contains thousands (or tens of thousands) of components and it would be impractical to download the entire contents of each. To that end, most repositories maintain an index which catalogues the entire contents and provides for fast and efficient searching. The repository manager uses these remote indexes to search for components, but we’ve disabled the index download as a default setting. To download remote indexes:
- Click on Repositories under the Views/Repositories menu in the left-hand side of the browser window.
- Select each of the proxy repositories and change Download Remote Indexes to true in the Configuration tab. You’ll need to do this for each of the repositories. For more details on configuration see the repository section of our documentation.
This will trigger the repository manager to re-index these repositories, during which the remote index files will be downloaded. It might take a few minutes to download the entire index but once you have it you’ll be able to search the entire contents of the Maven repository.
Once you’ve enabled remote index downloads, you still will not be able to browse the complete contents of a remote repository. Downloading the remote index allows you to search for components in a repository, but until you download those components from the remote repository they will not show in the repository tree when you are browsing a repository. When browsing a repository, you will only be shown components which have been downloaded from the remote repository.
Step 6: Change the Deployment Password
The deployment user’s password defaults to deployment123. Change this password to make sure that only authorized developers can deploy components to your installation. To change the deployment password, log in as an administrator. Click on Security to expand the security menu. When the menu appears, click on Users. A list of users will appear. At that point, right-click on the user named Deployment and select Set Password.
Step 7: If Necessary, Set the LANG Environment Variable
If your repository manager needs to store configuration and data using an international character set, you should set the LANG environment variable. The Java Runtime will adapt to the value of the LANG environment variable and ensure that configuration data is saved using the appropriate character type. If you are starting the repository manager as a service, place this environment variable in the startup script found in
Step 8: Configure Routes
A route defines patterns used to define and identify the repositories in which the components are searched for. Typically, internal components are not available in the Central Repository or any other external, public repository. A route, as documented in Managing Routing, should be configured so that any requests for internal components do not leak to external repositories.