Post Install Checklist

To ensure the system begins with a secure state, Nexus Repository Manager generates a unique random password during the system’s initial startup which it writes to the data directory ($data-dir, typically sonatype-work/nexus3) in a file called admin.password.

To configure the system, the user must prove they’re the system owner by retrieving the initial password from the filesystem. This password can then be changed manually through the user interface, or programmatically through the REST API.

Using the User Interface

Click the Sign in button in the top right of the page, until the initial password has been changed the dialog that comes up will indicate the file path of a file containing the password for the admin user.

The admin user will then be presented with a setup wizard which will assist the user in changing the admin password along with other initial system setup.

When using the user interface another step in the wizard is configuring whether anonymous access is allowed in the system. Until configured the system will allow unauthenticated users to read the contents of repositories.

The admin user comes with a default email address configured and, since this address is not going to be very useful to anyone, see Working with Your User Profile for details.

The repository manager can send username and password recovery emails. To enable this feature, you will need to configure an SMTP Host and Port as well as any necessary authentication parameters that the repository manager needs to connect to the mail server.

In many deployments, the internet, and therefore any remote repositories that the repository manager needs to proxy, can only be reached via a HTTP or HTTPS proxy server internal to the deployment company. In these cases the connection details to that proxy server need to be configured in order for the repository manager to be able to proxy remote repositories at all.

Read and utilize Backup and Restore. Things happen and it is always advisable to backup your configurations and data on a scheduled basis.

Set up routing rules to prevent issues such as a name hijacking attack where a malicious user creates packages in a registry with names used by your internal projects.

Nexus Repository Pro users should consider configuring token-based access.

You should set up the following essential maintenance tasks:

In your repository settings, set up cleanup policies.