4 This cookbook sets up a Sonatype Nexus Repository Manager by Docker Compose.
8 - [Requirements](#requirements)
9 - [platforms](#platforms)
10 - [packages](#packages)
11 - [cookbooks](#cookbooks)
12 - [Attributes](#attributes)
15 - [nexus-grid::default](#nexus-griddefault)
16 - [nexus-grid::docker-compose](#nexus-griddocker-compose)
17 - [Role Examples](#role-examples)
18 - [SSL server keys and certificates management by ssl_cert cookbook](#ssl-server-keys-and-certificates-management-by-ssl_cert-cookbook)
19 - [License and Authors](#license-and-authors)
38 |Key|Type|Description, example|Default|
40 |`['nexus-grid']['with_ssl_cert_cookbook']`|Boolean|Activates TLS configurations by the `ssl_cert` cookbook. See `attributes/default.rb`|`false`|
41 |`['nexus-grid']['ssl_cert']['common_name']`|String|Server common name for TLS|`node['fqdn']`|
42 |`['nexus-grid']['docker-compose']['app_dir']`|String||`"#{node['docker-grid']['compose']['app_dir']}/nexus"`|
43 |`['nexus-grid']['docker-compose']['etc_dir']`|String||`"#{node['nexus-grid']['docker-compose']['app_dir']}/etc"`|
44 |`['nexus-grid']['docker-compose']['data_dir']`|String|Path string or nil (unset).|`"#{node['nexus-grid']['docker-compose']['app_dir']}/data"`|
45 |`['nexus-grid']['docker-compose']['config']`|Hash|`docker-compose.yml` configurations.|See `attributes/default.rb`|
51 #### nexus-grid::default
53 This recipe does nothing.
55 #### nexus-grid::docker-compose
57 This recipe generates a `docker-compose.yml` file for the Sonatype Nexus Repository Manager service.
68 # see https://osdn.net/projects/metasearch/scm/git/grid-chef-repo/blobs/master/roles/docker-new-repo.rb
70 'recipe[nexus-grid::docker-compose]',
73 image = 'sonatype/nexus3'
74 #image = 'sonatype/nexus' # Nexus2
88 # This volume will be set by the nexus-grid::docker-compose recipe automatically.
89 #"#{node['nexus-grid']['docker-compose']['etc_dir']}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro",
93 'restart' => 'always',
96 # This volume will be set by the nexus-grid::docker-compose recipe automatically.
98 #"#{node['nexus-grid']['docker-compose']['data_dir']}:/nexus-data:rw",
100 #"#{node['nexus-grid']['docker-compose']['data_dir']}:/sonatype-work:rw",
104 #'JAVA_MAX_HEAP' => '1200m', # passed as -Xmx. Defaults to 1200m.
105 #'JAVA_MIN_HEAP' => '1200m', # passed as -Xms. Defaults to 1200m.
106 #'EXTRA_JAVA_OPTS' => '', # Additional options can be passed to the JVM via this variable.
108 #'CONTEXT_PATH' => '/nexus',
109 #'MAX_HEAP' => '768m',
110 #'MIN_HEAP' => '256m',
111 #'JAVA_OPTS' => '-server -XX:MaxPermSize=192m -Djava.net.preferIPv4Stack=true',
112 #'LAUNCHER_CONF' => './conf/jetty.xml ./conf/jetty-requestlog.xml',
122 - `roles/nexus-with-ssl.rb`
125 name 'nexus-with-ssl'
126 description 'Nexus with SSL by reverse proxy (nginx)'
129 #'recipe[ssl_cert::server_key_pairs]', # nexus-grid cookbook < 0.1.3
131 'recipe[nexus-grid::docker-compose]',
134 image = 'sonatype/nexus3'
135 #image = 'sonatype/nexus' # Nexus2
137 cn = 'nexus.io.example.com'
142 # cn, # nexus-grid cookbook < 0.1.4
146 'with_ssl_cert_cookbook' => true,
150 'docker-compose' => {
159 # These volumes will be set by the nexus-grid::docker-compose recipe automatically.
160 #"#{node['nexus-grid']['docker-compose']['etc_dir']}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro",
161 # and server key pair volume conf.
165 'restart' => 'always',
168 # This volume will be set by the nexus-grid::docker-compose recipe automatically.
170 #"#{node['nexus-grid']['docker-compose']['data_dir']}:/nexus-data:rw",
172 #"#{node['nexus-grid']['docker-compose']['data_dir']}:/sonatype-work:rw",
176 #'JAVA_MAX_HEAP' => '1200m', # passed as -Xmx. Defaults to 1200m.
177 #'JAVA_MIN_HEAP' => '1200m', # passed as -Xms. Defaults to 1200m.
178 #'EXTRA_JAVA_OPTS' => '', # Additional options can be passed to the JVM via this variable.
180 #'CONTEXT_PATH' => '/nexus',
181 #'MAX_HEAP' => '768m',
182 #'MIN_HEAP' => '256m',
183 #'JAVA_OPTS' => '-server -XX:MaxPermSize=192m -Djava.net.preferIPv4Stack=true',
184 #'LAUNCHER_CONF' => './conf/jetty.xml ./conf/jetty-requestlog.xml',
194 ### SSL server keys and certificates management by the `ssl_cert` cookbook
196 - create vault items.
199 $ ruby -rjson -e 'puts JSON.generate({"private" => File.read("nexus.io.example.com.prod.key")})' \
200 > > ~/tmp/nexus.io.example.com.prod.key.json
202 $ ruby -rjson -e 'puts JSON.generate({"public" => File.read("nexus.io.example.com.prod.crt")})' \
203 > > ~/tmp/nexus.io.example.com.prod.crt.json
207 $ knife vault create ssl_server_keys nexus.io.example.com.prod \
208 > --json ~/tmp/nexus.io.example.com.prod.key.json
210 $ knife vault create ssl_server_certs nexus.io.example.com.prod \
211 > --json ~/tmp/nexus.io.example.com.prod.crt.json
214 - grant reference permission to the Concourse host
217 $ knife vault update ssl_server_keys nexus.io.example.com.prod -S 'name:nexus-host.example.com'
218 $ knife vault update ssl_server_certs nexus.io.example.com.prod -S 'name:nexus-host.example.com'
221 - modify run_list and attributes
225 #'recipe[ssl_cert::server_key_pairs]', # nexus-grid cookbook < 0.1.3
226 'recipe[nexus-grid::docker-compose]',
232 # 'nexus.io.example.com', # nexus-grid cookbook < 0.1.4
236 'with_ssl_cert_cookbook' => true,
238 'common_name' => 'nexus.io.example.com',
245 ## License and Authors
247 - Author:: whitestar at osdn.jp
250 Copyright 2017, whitestar
252 Licensed under the Apache License, Version 2.0 (the "License");
253 you may not use this file except in compliance with the License.
254 You may obtain a copy of the License at
256 http://www.apache.org/licenses/LICENSE-2.0
258 Unless required by applicable law or agreed to in writing, software
259 distributed under the License is distributed on an "AS IS" BASIS,
260 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
261 See the License for the specific language governing permissions and
262 limitations under the License.