Installing and configuring Sonatype Nexus using the infrastructure as code approach

Sonatype Nexus is an integrated platform with which developers can proxy, store and manage Java (Maven) dependencies, Docker, Python, Ruby, NPM and Bower images, RPM packages, gitlfs, Apt, Go and Nuget, and distribute their software.

Why do you need Sonatype Nexus?

  • For storing private artifacts;
  • For caching artifacts that are downloaded from the Internet;

Artifacts supported in the basic Sonatype Nexus package:

  • Java, Maven (jar)
  • Docker
  • Python (pip)
  • Ruby (gem)
  • NPM
  • Bower
  • Yum (rpm)
  • gitlfs
  • raw
  • Apt (deb)
  • Go
  • Nuget

Community-supported artifacts:

  • Composer
  • Conan
  • CPAN
  • ELPA
  • Helm
  • P2
  • R

Installing Sonatype Nexus using https://github.com/ansible-ThoTeam/nexus3-oss

Requirements

  • Read about using ansible on the Internet.
  • Install ansible with pip install ansible on the workstation where the playbook is run.
  • Install geerlingguy.java on the workstation where the playbook is run.
  • Install geerlingguy.apache on the workstation where the playbook is run.
  • This role has been tested on CentOS 7, Ubuntu Xenial (16.04) and Bionic (18.04), Debian Jessie and Stretch.
  • The jmespath library must be installed on the workstation where the playbook is run. To install: sudo pip install -r requirements.txt
  • Save the playbook file (example below) to the file nexus.yml
  • Run the nexus installation: ansible-playbook -i host nexus.yml

Example ansible-playbook for installing nexus without LDAP, with Maven (java), Docker, Python, Ruby, NPM, Bower, RPM and gitlfs repositories.

---
- name: Nexus
  hosts: nexus
  become: yes

  vars:
    nexus_timezone: 'Asia/Omsk'
    nexus_admin_password: "admin123"
    nexus_public_hostname: 'apatsev-nexus-playbook'
    httpd_setup_enable: false
    nexus_privileges:
      - name: all-repos-read
        description: 'Read & Browse access to all repos'
        repository: '*'
        actions:
          - read
          - browse
      - name: company-project-deploy
        description: 'Deployments to company-project'
        repository: company-project
        actions:
          - add
          - edit
    nexus_roles:
      - id: Developpers # maps to the LDAP group
        name: developers
        description: All developers
        privileges:
          - nx-search-read
          - all-repos-read
          - company-project-deploy
        roles: []
    nexus_local_users:
      - username: jenkins # used as key to update
        first_name: Jenkins
        last_name: CI
        email: "[email protected]"
        password: "s3cr3t"
        roles:
          - Developpers # role ID here
    nexus_blobstores:
      - name: company-artifacts
        path: /var/nexus/blobs/company-artifacts
    nexus_scheduled_tasks:
      - name: compact-blobstore
        cron: '0 0 22 * * ?'
        typeId: blobstore.compact
        taskProperties:
          blobstoreName: 'company-artifacts'

    nexus_repos_maven_proxy:
      - name: central
        remote_url: 'https://repo1.maven.org/maven2/'
        layout_policy: permissive
      - name: jboss
        remote_url: 'https://repository.jboss.org/nexus/content/groups/public-jboss/'
      - name: vaadin-addons
        remote_url: 'https://maven.vaadin.com/vaadin-addons/'
      - name: jaspersoft
        remote_url: 'https://jaspersoft.artifactoryonline.com/jaspersoft/jaspersoft-repo/'
        version_policy: mixed
    nexus_repos_maven_hosted:
      - name: company-project
        version_policy: mixed
        write_policy: allow
        blob_store: company-artifacts
    nexus_repos_maven_group:
      - name: public
        member_repos:
          - central
          - jboss
          - vaadin-addons
          - jaspersoft

    # Yum. Change nexus_config_yum to true for create yum repository
    nexus_config_yum: true
    nexus_repos_yum_hosted:
      - name: private_yum_centos_7
        repodata_depth: 1
    nexus_repos_yum_proxy:
      - name: epel_centos_7_x86_64
        remote_url: http://download.fedoraproject.org/pub/epel/7/x86_64
        maximum_component_age: -1
        maximum_metadata_age: -1
        negative_cache_ttl: 60
      - name: centos-7-os-x86_64
        remote_url: http://mirror.centos.org/centos/7/os/x86_64/
        maximum_component_age: -1
        maximum_metadata_age: -1
        negative_cache_ttl: 60
    nexus_repos_yum_group:
      - name: yum_all
        member_repos:
          - private_yum_centos_7
          - epel_centos_7_x86_64

    # NPM. Change nexus_config_npm to true for create npm repository
    nexus_config_npm: true
    nexus_repos_npm_hosted: []
    nexus_repos_npm_group:
      - name: npm-public
        member_repos:
          - npm-registry
    nexus_repos_npm_proxy:
      - name: npm-registry
        remote_url: https://registry.npmjs.org/
        negative_cache_enabled: false

    # Docker. Change nexus_config_docker to true for create docker repository
    nexus_config_docker: true
    nexus_repos_docker_hosted:
      - name: docker-hosted
        http_port: "{{ nexus_docker_hosted_port }}"
        v1_enabled: True
    nexus_repos_docker_proxy:
      - name: docker-proxy
        http_port: "{{ nexus_docker_proxy_port }}"
        v1_enabled: True
        index_type: "HUB"
        remote_url: "https://registry-1.docker.io"
        use_nexus_certificates_to_access_index: false
        maximum_component_age: 1440
        maximum_metadata_age: 1440
        negative_cache_enabled: true
        negative_cache_ttl: 1440
    nexus_repos_docker_group:
      - name: docker-group
        http_port: "{{ nexus_docker_group_port }}"
        v1_enabled: True
        member_repos:
          - docker-hosted
          - docker-proxy

    # Bower. Change nexus_config_bower to true for create bower repository
    nexus_config_bower: true
    nexus_repos_bower_hosted:
      - name: bower-hosted
    nexus_repos_bower_proxy:
      - name: bower-proxy
        index_type: "proxy"
        remote_url: "https://registry.bower.io"
        use_nexus_certificates_to_access_index: false
        maximum_component_age: 1440
        maximum_metadata_age: 1440
        negative_cache_enabled: true
        negative_cache_ttl: 1440
    nexus_repos_bower_group:
      - name: bower-group
        member_repos:
          - bower-hosted
          - bower-proxy

    # Pypi. Change nexus_config_pypi to true for create pypi repository
    nexus_config_pypi: true
    nexus_repos_pypi_hosted:
      - name: pypi-hosted
    nexus_repos_pypi_proxy:
      - name: pypi-proxy
        index_type: "proxy"
        remote_url: "https://pypi.org/"
        use_nexus_certificates_to_access_index: false
        maximum_component_age: 1440
        maximum_metadata_age: 1440
        negative_cache_enabled: true
        negative_cache_ttl: 1440
    nexus_repos_pypi_group:
      - name: pypi-group
        member_repos:
          - pypi-hosted
          - pypi-proxy

    # rubygems. Change nexus_config_rubygems to true for create rubygems repository
    nexus_config_rubygems: true
    nexus_repos_rubygems_hosted:
      - name: rubygems-hosted
    nexus_repos_rubygems_proxy:
      - name: rubygems-proxy
        index_type: "proxy"
        remote_url: "https://rubygems.org"
        use_nexus_certificates_to_access_index: false
        maximum_component_age: 1440
        maximum_metadata_age: 1440
        negative_cache_enabled: true
        negative_cache_ttl: 1440
    nexus_repos_rubygems_group:
      - name: rubygems-group
        member_repos:
          - rubygems-hosted
          - rubygems-proxy

    # gitlfs. Change nexus_config_gitlfs to true for create gitlfs repository
    nexus_config_gitlfs: true
    nexus_repos_gitlfs_hosted:
      - name: gitlfs-hosted

  roles:
    - { role: geerlingguy.java }
    # Debian/Ubuntu only
    # - { role: geerlingguy.apache, apache_create_vhosts: no, apache_mods_enabled: ["proxy_http.load", "headers.load"], apache_remove_default_vhost: true, tags: ["geerlingguy.apache"] }
    # RedHat/CentOS only
    - { role: geerlingguy.apache, apache_create_vhosts: no, apache_remove_default_vhost: true, tags: ["geerlingguy.apache"] }
    - { role: ansible-thoteam.nexus3-oss, tags: ['ansible-thoteam.nexus3-oss'] }

Role variables

Variables with default values (see defaults/main.yml):

General variables

    nexus_version: ''
    nexus_timezone: 'UTC'

By default, the role installs the latest available version of Nexus. You can pin the version by changing the nexus_version variable. See the available versions at https://www.sonatype.com/download-oss-sonatype.

If you change to a newer version, the role will try to upgrade your Nexus installation.

If you are using a version of Nexus older than the latest, make sure you are not using features that are unavailable in the installed release (for example, hosted yum repositories are available for nexus greater than 3.8.0, git lfs repositories for nexus greater than 3.3.0, etc.)

nexus_timezone is a Java timezone name, which can be useful in combination with the cron expressions below for nexus_scheduled_tasks.

Nexus port and context path

    nexus_default_port: 8081
    nexus_default_context_path: '/'

The port and context path of the Nexus Java process. nexus_default_context_path must keep its trailing forward slash when set, for example: nexus_default_context_path: '/nexus/'.

Nexus OS user and group

    nexus_os_group: 'nexus'
    nexus_os_user: 'nexus'

The user and group used to own the Nexus files and run the service. The role creates them if either is missing.

    nexus_os_user_home_dir: '/home/nexus'

Allows changing the default home directory for the nexus user.

Nexus instance directories

    nexus_installation_dir: '/opt'
    nexus_data_dir: '/var/nexus'
    nexus_tmp_dir: "{{ (ansible_os_family == 'RedHat') | ternary('/var/nexus-tmp', '/tmp/nexus') }}"

Nexus directories.

  • nexus_installation_dir contains the installed executables.
  • nexus_data_dir contains all configuration, repositories and uploaded artifacts. Custom blobstore paths outside nexus_data_dir can be configured, see nexus_blobstores below.
  • nexus_tmp_dir contains all temporary files. The default path for redhat has been moved out of /tmp to avoid potential problems with automatic cleanup procedures. See #168.

Configuring Nexus JVM memory usage

    nexus_min_heap_size: "1200M"
    nexus_max_heap_size: "{{ nexus_min_heap_size }}"
    nexus_max_direct_memory: "2G"

These are the default settings for Nexus. Please do not change these values unless you have read the memory section of the nexus system requirements and understand what they do.

As a second warning, here is an excerpt from the document above:

Increasing the JVM memory beyond the specified values in order to improve performance is not recommended. This may have the opposite effect and cause unnecessary work for the operating system.

Administrator password

    nexus_admin_password: 'changeme'

The password of the "admin" account to set up. This only works on the first default installation. Please see [Change admin password after first install](#change-admin-password-after-first-install) if you want to change it later using the role.

It is strongly recommended that you do not store your password in clear text in the playbook, but use [ansible-vault encryption](https://docs.ansible.com/ansible/latest/user_guide/vault.html) instead (either inline or in a separate file loaded with, for example, include_vars).

Anonymous access by default

    nexus_anonymous_access: false

Anonymous access is disabled by default. Read more about anonymous access.

Public hostname

    nexus_public_hostname: 'nexus.vm'
    nexus_public_scheme: https

The fully qualified domain name and scheme (https or http) under which the Nexus instance is available to its clients.

API access for this role

    nexus_api_hostname: localhost
    nexus_api_scheme: http
    nexus_api_validate_certs: "{{ nexus_api_scheme == 'https' }}"
    nexus_api_context_path: "{{ nexus_default_context_path }}"
    nexus_api_port: "{{ nexus_default_port }}"

These variables control how the role connects to the Nexus API for provisioning.
For advanced users only. You probably do not want to change these default settings.

Reverse proxy setup

    httpd_setup_enable: false
    httpd_server_name: "{{ nexus_public_hostname }}"
    httpd_default_admin_email: "[email protected]"
    httpd_ssl_certificate_file: 'files/nexus.vm.crt'
    httpd_ssl_certificate_key_file: 'files/nexus.vm.key'
    # httpd_ssl_certificate_chain_file: "{{ httpd_ssl_certificate_file }}"
    httpd_copy_ssl_files: true

Set up an SSL reverse proxy.
This requires httpd to be installed. Note: when httpd_setup_enable is set to true, nexus binds to 127.0.0.1:8081 and is therefore not directly reachable on HTTP port 8081 from an external IP address.

The default hostname used is nexus_public_hostname. If you need a different name for some reason, you can set httpd_server_name to a different value.

With httpd_copy_ssl_files: true (the default), the certificates above must exist in your playbook directory; they will be copied to the server and configured in apache.

If you want to use certificates that already exist on the server, set httpd_copy_ssl_files: false and provide the following variables:

    # These specifies to the vhost where to find on the remote server file
    # system the certificate files.
    httpd_ssl_cert_file_location: "/etc/pki/tls/certs/wildcard.vm.crt"
    httpd_ssl_cert_key_location: "/etc/pki/tls/private/wildcard.vm.key"
    # httpd_ssl_cert_chain_file_location: "{{ httpd_ssl_cert_file_location }}"

httpd_ssl_cert_chain_file_location is optional and must be left unset if you do not want to configure a chain file.

    httpd_default_admin_email: "[email protected]"

Set the default admin email address.

LDAP configuration

LDAP connections and the security realm are disabled by default.

    nexus_ldap_realm: false
    ldap_connections: []

LDAP connections. Each item looks like this:

    nexus_ldap_realm: true
    ldap_connections:
      - ldap_name: 'My Company LDAP' # used as a key to update the ldap config
        ldap_protocol: 'ldaps' # ldap or ldaps
        ldap_hostname: 'ldap.mycompany.com'
        ldap_port: 636
        ldap_use_trust_store: false # Whether or not to use certs in the nexus trust store
        ldap_search_base: 'dc=mycompany,dc=net'
        ldap_auth: 'none' # or simple
        ldap_auth_username: 'username' # if auth = simple
        ldap_auth_password: 'password' # if auth = simple
        ldap_user_base_dn: 'ou=users'
        ldap_user_filter: '(cn=*)' # (optional)
        ldap_user_object_class: 'inetOrgPerson'
        ldap_user_id_attribute: 'uid'
        ldap_user_real_name_attribute: 'cn'
        ldap_user_email_attribute: 'mail'
        ldap_user_subtree: false
        ldap_map_groups_as_roles: false
        ldap_group_base_dn: 'ou=groups'
        ldap_group_object_class: 'posixGroup'
        ldap_group_id_attribute: 'cn'
        ldap_group_member_attribute: 'memberUid'
        ldap_group_member_format: '${username}'
        ldap_group_subtree: false

Example LDAP configuration for anonymous authentication (anonymous bind). This is also the "minimal" configuration:

    nexus_ldap_realm: true
    ldap_connections:
      - ldap_name: 'Simplest LDAP config'
        ldap_protocol: 'ldaps'
        ldap_hostname: 'annuaire.mycompany.com'
        ldap_search_base: 'dc=mycompany,dc=net'
        ldap_port: 636
        ldap_use_trust_store: false
        ldap_user_id_attribute: 'uid'
        ldap_user_real_name_attribute: 'cn'
        ldap_user_email_attribute: 'mail'
        ldap_user_object_class: 'inetOrgPerson'

Example LDAP configuration for simple authentication (using a DSA account):

    nexus_ldap_realm: true
    ldap_connections:
      - ldap_name: 'LDAP config with DSA'
        ldap_protocol: 'ldaps'
        ldap_hostname: 'annuaire.mycompany.com'
        ldap_port: 636
        ldap_use_trust_store: false
        ldap_auth: 'simple'
        ldap_auth_username: 'cn=mynexus,ou=dsa,dc=mycompany,dc=net'
        ldap_auth_password: "{{ vault_ldap_dsa_password }}" # better keep passwords in an ansible vault
        ldap_search_base: 'dc=mycompany,dc=net'
        ldap_user_base_dn: 'ou=users'
        ldap_user_object_class: 'inetOrgPerson'
        ldap_user_id_attribute: 'uid'
        ldap_user_real_name_attribute: 'cn'
        ldap_user_email_attribute: 'mail'
        ldap_user_subtree: false

Example LDAP configuration for simple authentication (using a DSA account) + groups mapped as roles:

    nexus_ldap_realm: true
    ldap_connections:
      - ldap_name: 'LDAP config with DSA'
        ldap_protocol: 'ldaps'
        ldap_hostname: 'annuaire.mycompany.com'
        ldap_port: 636
        ldap_use_trust_store: false
        ldap_auth: 'simple'
        ldap_auth_username: 'cn=mynexus,ou=dsa,dc=mycompany,dc=net'
        ldap_auth_password: "{{ vault_ldap_dsa_password }}" # better keep passwords in an ansible vault
        ldap_search_base: 'dc=mycompany,dc=net'
        ldap_user_base_dn: 'ou=users'
        ldap_user_object_class: 'inetOrgPerson'
        ldap_user_id_attribute: 'uid'
        ldap_user_real_name_attribute: 'cn'
        ldap_user_email_attribute: 'mail'
        ldap_map_groups_as_roles: true
        ldap_group_base_dn: 'ou=groups'
        ldap_group_object_class: 'groupOfNames'
        ldap_group_id_attribute: 'cn'
        ldap_group_member_attribute: 'member'
        ldap_group_member_format: 'uid=${username},ou=users,dc=mycompany,dc=net'
        ldap_group_subtree: false

Example LDAP configuration for simple authentication (using a DSA account) + groups dynamically mapped as roles:

    nexus_ldap_realm: true
    ldap_connections:
      - ldap_name: 'LDAP config with DSA'
        ldap_protocol: 'ldaps'
        ldap_hostname: 'annuaire.mycompany.com'
        ldap_port: 636
        ldap_use_trust_store: false
        ldap_auth: 'simple'
        ldap_auth_username: 'cn=mynexus,ou=dsa,dc=mycompany,dc=net'
        ldap_auth_password: "{{ vault_ldap_dsa_password }}" # better keep passwords in an ansible vault
        ldap_search_base: 'dc=mycompany,dc=net'
        ldap_user_base_dn: 'ou=users'
        ldap_user_object_class: 'inetOrgPerson'
        ldap_user_id_attribute: 'uid'
        ldap_user_real_name_attribute: 'cn'
        ldap_user_email_attribute: 'mail'
        ldap_map_groups_as_roles: true
        ldap_map_groups_as_roles_type: 'dynamic'
        ldap_user_memberof_attribute: 'memberOf'

Privileges

    nexus_privileges:
      - name: all-repos-read # used as key to update a privilege
        # type: <one of application, repository-admin, repository-content-selector, repository-view, script or wildcard>
        description: 'Read & Browse access to all repos'
        repository: '*'
        actions: # can be add, browse, create, delete, edit, read or  * (all)
          - read
          - browse
        # pattern: pattern
        # domain: domain
        # script_name: name

List of privileges to set up. See the documentation and the GUI to check which variables must be set depending on the privilege type.

These items are combined with the following default values:

    _nexus_privilege_defaults:
      type: repository-view
      format: maven2
      actions:
        - read

Roles (inside Nexus)

    nexus_roles:
      - id: Developpers # can map to a LDAP group id, also used as a key to update a role
        name: developers
        description: All developers
        privileges:
          - nx-search-read
          - all-repos-read
        roles: [] # references to other role names

List of roles to set up.

Users

    nexus_local_users: []
      # - username: jenkins # used as key to update
      #   state: present # default value if omitted, use 'absent' to remove user
      #   first_name: Jenkins
      #   last_name: CI
      #   email: [email protected]
      #   password: "s3cr3t"
      #   roles:
      #     - developers # role ID

List of local (non-LDAP) users/accounts to create in Nexus.

      nexus_ldap_users: []
      # - username: j.doe
      #   state: present
      #   roles:
      #     - "nx-admin"

LDAP mapping of users/roles. State absent removes roles from an existing user if one is present.
LDAP users are not deleted. Trying to set a role for a non-existent user results in an error.

Content selectors

    nexus_content_selectors:
    - name: docker-login
      description: Selector for docker login privilege
      search_expression: format=="docker" and path=~"/v2/"

For more information on content selectors, see the documentation.

To use a content selector, add a new privilege with type: repository-content-selector and the corresponding contentSelector:

    - name: docker-login-privilege
      type: repository-content-selector
      contentSelector: docker-login
      description: 'Login to Docker registry'
      repository: '*'
      actions:
      - read
      - browse

Blobstores and repositories

    nexus_delete_default_repos: false

Delete the repositories from the initial default configuration of the nexus install. This step is only executed on first-time install (when nexus_data_dir has been detected empty).

    nexus_delete_default_blobstore: false

Delete the default blobstore from the initial default configuration of the nexus install. Deleting the default blobstore is disabled by default. It can be done only if nexus_delete_default_repos: true and all configured repositories (see below) have an explicit blob_store: custom. This step is only executed on first-time install (when nexus_data_dir has been detected empty).

    nexus_blobstores: []
    # example blobstore item :
    # - name: separate-storage
    #   type: file
    #   path: /mnt/custom/path
    # - name: s3-blobstore
    #   type: S3
    #   config:
    #     bucket: s3-blobstore
    #     accessKeyId: "{{ VAULT_ENCRYPTED_KEY_ID }}"
    #     secretAccessKey: "{{ VAULT_ENCRYPTED_ACCESS_KEY }}"

Blobstores to create. A blobstore path and the blobstore of a repository cannot be updated after initial creation (any update here is ignored on re-provisioning).

Configuring a blobstore on S3 is provided as a convenience and is not part of the automated tests we run on travis. Note that storing on S3 is only recommended for instances deployed on AWS.

    nexus_repos_maven_proxy:
      - name: central
        remote_url: 'https://repo1.maven.org/maven2/'
        layout_policy: permissive
        # maximum_component_age: -1
        # maximum_metadata_age: 1440
        # negative_cache_enabled: true
        # negative_cache_ttl: 1440
      - name: jboss
        remote_url: 'https://repository.jboss.org/nexus/content/groups/public-jboss/'
        # maximum_component_age: -1
        # maximum_metadata_age: 1440
        # negative_cache_enabled: true
        # negative_cache_ttl: 1440
    # example with a login/password :
    # - name: secret-remote-repo
    #   remote_url: 'https://company.com/repo/secure/private/go/away'
    #   remote_username: 'username'
    #   remote_password: 'secret'
    #   # maximum_component_age: -1
    #   # maximum_metadata_age: 1440
    #   # negative_cache_enabled: true
    #   # negative_cache_ttl: 1440

Above is an example Maven proxy configuration.

    nexus_repos_maven_hosted:
      - name: private-release
        version_policy: release
        write_policy: allow_once  # one of "allow", "allow_once" or "deny"

Maven hosted repositories configuration. The negative cache configuration is optional and defaults to the values above if omitted.

    nexus_repos_maven_group:
      - name: public
        member_repos:
          - central
          - jboss

Maven group configuration.

All three repository types are combined with the following default values:

    _nexus_repos_maven_defaults:
      blob_store: default # Note : cannot be updated once the repo has been created
      strict_content_validation: true
      version_policy: release # release, snapshot or mixed
      layout_policy: strict # strict or permissive
      write_policy: allow_once # one of "allow", "allow_once" or "deny"
      maximum_component_age: -1  # Nexus gui default. For proxies only
      maximum_metadata_age: 1440  # Nexus gui default. For proxies only
      negative_cache_enabled: true # Nexus gui default. For proxies only
      negative_cache_ttl: 1440 # Nexus gui default. For proxies only

Docker, Pypi, Raw, Rubygems, Bower, NPM, Git-LFS and yum repository types are disabled by default.
See defaults/main.yml for these options:

      nexus_config_pypi: false
      nexus_config_docker: false
      nexus_config_raw: false
      nexus_config_rubygems: false
      nexus_config_bower: false
      nexus_config_npm: false
      nexus_config_gitlfs: false
      nexus_config_yum: false

Note that you may need to enable certain security realms if you want to use repository types other than maven. These are false by default:

    nexus_nuget_api_key_realm: false
    nexus_npm_bearer_token_realm: false
    nexus_docker_bearer_token_realm: false  # required for docker anonymous access

The Remote User Realm can also be enabled with

    nexus_rut_auth_realm: true

and the header can be configured by setting

    nexus_rut_auth_header: "CUSTOM_HEADER"

Scheduled tasks

    nexus_scheduled_tasks: []
    #  #  Example task to compact blobstore :
    #  - name: compact-docker-blobstore
    #    cron: '0 0 22 * * ?'
    #    typeId: blobstore.compact
    #    task_alert_email: [email protected]  # optional
    #    taskProperties:
    #      blobstoreName: "{{ nexus_blob_names.docker.blob }}" # all task attributes are stored as strings by nexus internally
    #  #  Example task to purge maven snapshots
    #  - name: Purge-maven-snapshots
    #    cron: '0 50 23 * * ?'
    #    typeId: repository.maven.remove-snapshots
    #    task_alert_email: [email protected]  # optional
    #    taskProperties:
    #      repositoryName: "*"  # * for all repos. Change to a repository name if you only want a specific one
    #      minimumRetained: "2"
    #      snapshotRetentionDays: "2"
    #      gracePeriodInDays: "2"
    #    booleanTaskProperties:
    #      removeIfReleased: true
    #  #  Example task to purge unused docker manifest and images
    #  - name: Purge unused docker manifests and images
    #    cron: '0 55 23 * * ?'
    #    typeId: "repository.docker.gc"
    #    task_alert_email: [email protected]  # optional
    #    taskProperties:
    #      repositoryName: "*"  # * for all repos. Change to a repository name if you only want a specific one
    #  #  Example task to purge incomplete docker uploads
    #  - name: Purge incomplete docker uploads
    #    cron: '0 0 0 * * ?'
    #    typeId: "repository.docker.upload-purge"
    #    task_alert_email: [email protected]  # optional
    #    taskProperties:
    #      age: "24"

Scheduled tasks to set up. typeId and the task-specific taskProperties/booleanTaskProperties can be worked out:

  • from the Java type hierarchy of org.sonatype.nexus.scheduling.TaskDescriptorSupport
  • by inspecting the task creation HTML form in your browser
  • by viewing the AJAX requests in the browser while manually configuring a task.

Task properties must be declared in the correct yaml block depending on their type:

  • taskProperties for all string properties (i.e. repository names, blobstore names, time periods...).
  • booleanTaskProperties for all boolean properties (i.e. mainly the checkboxes in the nexus create task GUI).
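A check for the typing rule above, as an added example that is not part of the role: it inspects one nexus_scheduled_tasks item and reports values placed in the wrong block or left unquoted. The function name check_task is hypothetical; treating name, cron and typeId as required and expecting six or seven cron fields are assumptions based on the examples on this page; BAD_TASK is a constructed, deliberately wrong variant of the snapshot purge example.

```python
"""Validate nexus_scheduled_tasks items before a playbook run (added example)."""


def check_task(task):
    """Return a list of problems found in one nexus_scheduled_tasks item."""
    problems = []
    name = task.get("name", "<unnamed>")

    # Assumption: every example on the page sets these three keys.
    for field in ("name", "cron", "typeId"):
        value = task.get(field)
        if not isinstance(value, str) or not value.strip():
            problems.append(f"{name}: '{field}' must be a non-empty string")

    # Assumption: the page's cron examples have six fields, seconds first;
    # an optional seventh (year) field is also accepted here.
    cron = task.get("cron")
    if isinstance(cron, str) and len(cron.split()) not in (6, 7):
        problems.append(f"{name}: cron '{cron}' has {len(cron.split())} "
                        "fields, expected 6 or 7")

    # String properties: numbers must be quoted, booleans belong elsewhere.
    for key, value in (task.get("taskProperties") or {}).items():
        if isinstance(value, bool):
            problems.append(f"{name}: taskProperties.{key} is a boolean, "
                            "move it to booleanTaskProperties")
        elif not isinstance(value, str):
            problems.append(f"{name}: taskProperties.{key} must be a string, "
                            f'write "{value}"')

    # Boolean properties: only real YAML booleans are accepted.
    for key, value in (task.get("booleanTaskProperties") or {}).items():
        if not isinstance(value, bool):
            problems.append(f"{name}: booleanTaskProperties.{key} must be "
                            "true or false")
    return problems


# The snapshot purge task from this page, as a YAML loader would return it.
GOOD_TASK = {
    "name": "Purge-maven-snapshots",
    "cron": "0 50 23 * * ?",
    "typeId": "repository.maven.remove-snapshots",
    "taskProperties": {
        "repositoryName": "*",
        "minimumRetained": "2",
        "snapshotRetentionDays": "2",
        "gracePeriodInDays": "2",
    },
    "booleanTaskProperties": {"removeIfReleased": True},
}

# Constructed faulty variant: five cron fields, an unquoted number and a
# boolean placed in the string block.
BAD_TASK = {
    "name": "Purge-maven-snapshots",
    "cron": "0 50 23 * *",
    "typeId": "repository.maven.remove-snapshots",
    "taskProperties": {
        "repositoryName": "*",
        "minimumRetained": 2,
        "removeIfReleased": True,
    },
}

if __name__ == "__main__":
    for problem in check_task(BAD_TASK):
        print(problem)
```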

Backups

      nexus_backup_configure: false
      nexus_backup_cron: '0 0 21 * * ?'  # See cron expressions definition in nexus create task gui
      nexus_backup_dir: '/var/nexus-backup'
      nexus_restore_log: '{{ nexus_backup_dir }}/nexus-restore.log'
      nexus_backup_rotate: false
      nexus_backup_rotate_first: false
      nexus_backup_keep_rotations: 4  # Keep 4 backup rotation by default (current + last 3)

Backup is not configured until you switch nexus_backup_configure to true.
In that case, a scheduled script task is configured to run in Nexus
at the interval specified in nexus_backup_cron (default 21:00 every day).
See [the groovy template for this task](templates/backup.groovy.j2) for details.
This scheduled task is independent of the other nexus_scheduled_tasks you
declare in your playbook.

If you want to rotate/delete backups, set nexus_backup_rotate: true and configure the number of backups you want to keep with nexus_backup_keep_rotations (default 4).

When using rotation, if you want to save extra disk space during the backup process,
you can set nexus_backup_rotate_first: true. This configures the rotation/deletion to run before the backup. By default, rotation happens after the backup has been created. Note that in this case old backups
are deleted before the current backup is made.

Restore procedure

Run the playbook with the parameter -e nexus_restore_point=<YYYY-MM-dd-HH-mm-ss>
(for example, 2017-12-17-21-00-00 for December 17, 2017 at 21:00).

Removing nexus

Warning: this will completely delete your current data. Make sure you create a backup beforehand if necessary.

Use the nexus_purge variable if you want to start again from scratch and reinstall the nexus instance with all data removed.

    ansible-playbook -i your/inventory.ini your_nexus_playbook.yml -e nexus_purge=true

Change admin password after first install

    nexus_default_admin_password: 'admin123'

This should not be changed in your playbook. This variable is populated with the default Nexus admin password on first install and ensures that we can change the admin password to nexus_admin_password.

If you want to change the admin password after the first install, you can temporarily set this variable to the old password from the command line. After changing nexus_admin_password in your playbook, you can run:

    ansible-playbook -i your/inventory.ini your_playbook.yml -e nexus_default_admin_password=oldPassword

Telegram channel about Sonatype Nexus: https://t.me/ru_nexus_sonatype