使用 docker-compose 和 Traefik 反向代理的简单 5 分钟 Sonatype Nexus OSS 设置（带 Docker 仓库）

Sonatype Nexus OSS 是一个开源的多仓库管理器。它可以用于托管 Docker 镜像等。本指南将向你展示如何在 5 分钟内设置一个带 Docker 仓库的 Sonatype Nexus OSS 实例。

首先，在你希望 nexus 所在的目录中，运行此初始化脚本

init_nexus.sh

#!/bin/sh
mkdir nexus_data
chown -R 200 nexus_data

#!/bin/sh
mkdir nexus_data
chown -R 200 nexus_data

然后，创建 docker-compose.yml 并在 traefik 标签中输入你的域名、解析器等配置：

docker-compose.nexus.yml

services:
  nexus:
    image: sonatype/nexus3
    restart: unless-stopped
    volumes:
      - "./nexus_data:/nexus-data"
    labels:
      - "traefik.enable=true"
      # Nexus (main webinterface)
      - "traefik.http.routers.nexus-mydomain.rule=Host(`nexus.mydomain.com`)"
      - "traefik.http.routers.nexus-mydomain.entrypoints=websecure"
      - "traefik.http.routers.nexus-mydomain.tls.certresolver=cloudflare-ec384"
      - "traefik.http.routers.nexus-mydomain.tls.domains[0].main=mydomain.com"
      - "traefik.http.routers.nexus-mydomain.tls.domains[0].sans=*.mydomain.com"
      - "traefik.http.services.nexus-mydomain.loadbalancer.server.port=8081"
      - "traefik.http.routers.nexus-mydomain.service=nexus-mydomain"
      - "traefik.http.middlewares.nexus-mydomain-compress.compress=true"
      - "traefik.http.routers.nexus-mydomain.middlewares=nexus-mydomain-compress"
      # Docker registry (runs on separate port 8089 and needs to be configured in Nexus first
      - "traefik.http.routers.registry-mydomain.rule=Host(`registry.mydomain.com`)"
      - "traefik.http.routers.registry-mydomain.entrypoints=websecure"
      - "traefik.http.routers.registry-mydomain.tls.certresolver=cloudflare-ec384"
      - "traefik.http.routers.registry-mydomain.tls.domains[0].main=mydomain.com"
      - "traefik.http.routers.registry-mydomain.tls.domains[0].sans=*.mydomain.com"
      - "traefik.http.services.registry-mydomain.loadbalancer.server.port=8089"
      - "traefik.http.routers.registry-mydomain.service=registry-mydomain"
      - "traefik.http.middlewares.registry-mydomain-compress.compress=true"
      - "traefik.http.routers.registry-mydomain.middlewares=nexus-mydomain-compress"

services:
  nexus:
    image: sonatype/nexus3
    restart: unless-stopped
    volumes:
      - "./nexus_data:/nexus-data"
    labels:
      - "traefik.enable=true"
      # Nexus (main webinterface)
      - "traefik.http.routers.nexus-mydomain.rule=Host(`nexus.mydomain.com`)"
      - "traefik.http.routers.nexus-mydomain.entrypoints=websecure"
      - "traefik.http.routers.nexus-mydomain.tls.certresolver=cloudflare-ec384"
      - "traefik.http.routers.nexus-mydomain.tls.domains[0].main=mydomain.com"
      - "traefik.http.routers.nexus-mydomain.tls.domains[0].sans=*.mydomain.com"
      - "traefik.http.services.nexus-mydomain.loadbalancer.server.port=8081"
      - "traefik.http.routers.nexus-mydomain.service=nexus-mydomain"
      - "traefik.http.middlewares.nexus-mydomain-compress.compress=true"
      - "traefik.http.routers.nexus-mydomain.middlewares=nexus-mydomain-compress"
      # Docker registry (runs on separate port 8089 and needs to be configured in Nexus first
      - "traefik.http.routers.registry-mydomain.rule=Host(`registry.mydomain.com`)"
      - "traefik.http.routers.registry-mydomain.entrypoints=websecure"
      - "traefik.http.routers.registry-mydomain.tls.certresolver=cloudflare-ec384"
      - "traefik.http.routers.registry-mydomain.tls.domains[0].main=mydomain.com"
      - "traefik.http.routers.registry-mydomain.tls.domains[0].sans=*.mydomain.com"
      - "traefik.http.services.registry-mydomain.loadbalancer.server.port=8089"
      - "traefik.http.routers.registry-mydomain.service=registry-mydomain"
      - "traefik.http.middlewares.registry-mydomain-compress.compress=true"
      - "traefik.http.routers.registry-mydomain.middlewares=nexus-mydomain-compress"

现在启动容器

docker_compose_up.sh

docker-compose up -d

docker-compose up -d

等待容器启动，然后使用以下命令获取初始管理员密码

get_nexus_admin_password.sh

docker-compose exec nexus cat /nexus-data/admin.password

docker-compose exec nexus cat /nexus-data/admin.password

现在转到 https://nexus.mydomain.com 并使用管理员密码登录。

现在通过点击右上角的齿轮图标，然后点击 Repositories，再点击 Create repository，然后点击 Docker (hosted)，填写详细信息并保存来配置仓库。

Sonatype Nexus - 创建 Docker 仓库

现在启用 HTTP，因为它在反向代理后运行，然后将端口设置为 8089（这不是一个特殊端口，只是我们在 docker-compose.yml 的 traefik 标签中的辅助 Traefik 路由器中配置的端口）。

Sonatype Nexus - 配置 Docker 仓库

现在你可以使用例如以下命令访问它

docker_login_registry.sh

docker login registry.mydomain.com

docker login registry.mydomain.com

并使用你的 Nexus 凭据登录。

记住，虽然 Sonatype Nexus 运行在 https://nexus.techoverflow.net，但仓库运行在 https://registry.techoverflow.net（或你的域名）。这不适用于所有仓库类型，但对于 Docker，我们必须使用双域名配置。

Check out similar posts by category: Docker

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow

Buy me a coffee