:::info 视频演示 https://www.bilibili.com/video/BV1gv411w7SU/ :::

准备工作

申请域名 SSL

上传至 $PWD/nexus3/certs

本地域名解析

windows C:\Windows\System32\drivers\etc\hosts linux /etc/hosts

创建数据路径并设置权限

  1. mkdir -p $PWD/nexus3/data && chmod 777 $PWD/nexus3/data && cd $PWD/nexus3

部署

docker-compose.yml

  1. version: "3.7"
  3. services:
  4.   nexus3:
  5.     image: sonatype/nexus3:3.33.1
  6.     container_name: nexus3
  7.     restart: always
  8.     privileged: true
  9.     environment:
  10.       - TZ=Asia/Shanghai
  11.     volumes:
  12.       - $PWD/data:/nexus-data
  13.   nginx:
  14.     image: nginx:1.21.1-alpine
  15.     container_name: nginx
  16.     restart: always
  17.     environment:
  18.       - TZ=Asia/Shanghai
  19.     ports:
  20.       - "80:80"
  21.       - "443:443"
  22.     volumes:
  23.       - $PWD/nginx.conf:/etc/nginx/nginx.conf:ro     # nginx配置
  24.       - $PWD/certs:/certs                    # SSL证书
  25.       - $PWD/log:/var/log/nginx
  26.     depends_on:
  27.       - nexus3
  28.     logging:
  29.       driver: "json-file"
  30.       options:
  31.         max-size: "5g"  # 限制日志大小

nginx.conf

  1. worker_processes 4;
  2. worker_rlimit_nofile 40000;
  4. events {
  5.     worker_connections 8192;
  6. }
  8. http {
  9.     upstream nexus3_http {
  10.         server nexus3:8081;
  11.     }
  13.     server {
  14.         listen 80;
  15.         server_name hub.haifengat.com; # 域名替换
  17.         location / {
  18.             proxy_pass http://nexus3_http;
  19.             proxy_set_header Host $host;
  20.             proxy_set_header X-Real-IP $remote_addr;
  21.             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  22.             proxy_set_header X-Forwarded-Proto $scheme;
  23.             proxy_set_header Upgrade $http_upgrade;
  24.             proxy_set_header Connection "Upgrade";
  25.         }
  26.     }
  28.     upstream nexus3_ssl {
  29.         server nexus3:8082;
  30.     }
  32.     server {
  33.         listen 443 ssl;
  34.         server_name hub.haifengat.com; # 域名替换
  35.         # SSL
  36.         ssl_certificate /certs/20220824_hub.haifengat.com.pem;
  37.         ssl_certificate_key /certs/20220824_hub.haifengat.com.key;
  39.         client_max_body_size 5000m;  # 上传大文件
  41.         location / {
  42.             proxy_pass http://nexus3_ssl;
  43.             proxy_set_header Host $host;
  44.             proxy_set_header X-Real-IP $remote_addr;
  45.             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  46.             proxy_set_header X-Forwarded-Proto $scheme;
  47.             proxy_set_header Upgrade $http_upgrade;
  48.             proxy_set_header Connection "Upgrade";
  49.         }
  50.     }
  51. }

运行

  1. docker-compose up -d

文件列表

image.png

配置 nexus3

登录

http://hub.haifengat.com

配置

  • 修改admin密码为Harbor12345
  • 允许匿名读取数据
  • 创建 docker(hosted) 仓库
  • 设置http 8082端口
  • Allow anonymous docker pull (不要勾选)

    daemon.json

    1. # 增加信任
    2. "insecure-registries": ["https://hub.haifengat.com"]

    QA

    502 Bad Gateway

    配置 nexus3 时使用 http 而非 https

no basic auth credentials

需要先 docker login 登录

401 Unauthorized

docker login -u admin -p Harbor12345 hub.haifengat.com 登录时报错

image.png

不允许匿名

image.png

404 response body: invalid character ‘<’ …

解决

  1. docker login -u admin -p Harbor12345 hub.haifengat.com