Docker部署Nexus3,并使用Nginx进行反向代理 集成LDAP

390

1、使用docker-compose部署

<span class="token function">mkdir</span> -p /srv/nexus/nexus-compose/ <span class="token function">mkdir</span> -p /srv/nexus/data <span class="token function">chown</span> <span class="token number">200</span> -R /srv/nexus/data/  version: <span class="token string">'3'</span> services: nexus3: restart: always image: sonatype/nexus3:3.33.1 ports: - <span class="token number">10.11</span>.1.13:8081:8081 - <span class="token number">10.11</span>.1.13:18081:8081 - <span class="token number">10.11</span>.1.13:18082:8082 volumes: - /srv/nexus/data:/nexus-data <span class="token builtin class-name">cd</span> /srv/nexus/nexus-compose/ <span class="token function">docker-compose</span> up -d 
<span class="token function">mkdir</span> -p /srv/nexus/nexus-compose/ <span class="token function">mkdir</span> -p /srv/nexus/data <span class="token function">chown</span> <span class="token number">200</span> -R /srv/nexus/data/  version: <span class="token string">'3'</span> services: nexus3: restart: always image: sonatype/nexus3:3.33.1 ports: - <span class="token number">10.11</span>.1.13:8081:8081 - <span class="token number">10.11</span>.1.13:18081:8081 - <span class="token number">10.11</span>.1.13:18082:8082 volumes: - /srv/nexus/data:/nexus-data <span class="token builtin class-name">cd</span> /srv/nexus/nexus-compose/ <span class="token function">docker-compose</span> up -d 
mkdir -p /srv/nexus/nexus-compose/ mkdir -p /srv/nexus/data chown 200 -R /srv/nexus/data/  version: '3' services: nexus3: restart: always image: sonatype/nexus3:3.33.1 ports: - 10.11.1.13:8081:8081 - 10.11.1.13:18081:8081 - 10.11.1.13:18082:8082 volumes: - /srv/nexus/data:/nexus-data cd /srv/nexus/nexus-compose/ docker-compose up -d

2、配置Nginx代理

<span class="token function">cp</span> /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/nexus.conf  upstream nexus_website <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:8081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_hosted <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_group <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18082<span class="token punctuation">;</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name nexus.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6172143_nexus.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6172143_nexus.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://nexus_website<span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto <span class="token string">"https"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name repo.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6174303_repo.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6174303_repo.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> chunked_transfer_encoding on<span class="token punctuation">;</span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token variable">$request_method</span> ~* <span class="token string">'GET'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_group"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token variable">$request_uri</span> ~ <span class="token string">'/search'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://<span class="token variable">$upstream</span><span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_connect_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_send_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_read_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_buffering off<span class="token punctuation">;</span> proxy_request_buffering off<span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto http<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span> 
<span class="token function">cp</span> /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/nexus.conf  upstream nexus_website <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:8081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_hosted <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_group <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18082<span class="token punctuation">;</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name nexus.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6172143_nexus.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6172143_nexus.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://nexus_website<span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto <span class="token string">"https"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name repo.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6174303_repo.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6174303_repo.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> chunked_transfer_encoding on<span class="token punctuation">;</span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token variable">$request_method</span> ~* <span class="token string">'GET'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_group"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token variable">$request_uri</span> ~ <span class="token string">'/search'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://<span class="token variable">$upstream</span><span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_connect_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_send_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_read_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_buffering off<span class="token punctuation">;</span> proxy_request_buffering off<span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto http<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span> 
cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/nexus.conf  upstream nexus_website { server 10.11.1.13:8081; } upstream nexus_docker_hosted { server 10.11.1.13:18081; } upstream nexus_docker_group { server 10.11.1.13:18082; } server { listen 443 ssl http2; listen 80; server_name nexus.opsbugs.com; ssl_certificate /etc/nginx/cert/6172143_nexus.opsbugs.com.pem; ssl_certificate_key /etc/nginx/cert/6172143_nexus.opsbugs.com.key; client_max_body_size 10G; location / { proxy_pass http://nexus_website; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto "https"; } } server { listen 443 ssl http2; listen 80; server_name repo.opsbugs.com; ssl_certificate /etc/nginx/cert/6174303_repo.opsbugs.com.pem; ssl_certificate_key /etc/nginx/cert/6174303_repo.opsbugs.com.key; client_max_body_size 10G; chunked_transfer_encoding on; set $upstream "nexus_docker_hosted"; if ( $request_method ~* 'GET') { set $upstream "nexus_docker_group"; } if ($request_uri ~ '/search') { set $upstream "nexus_docker_hosted"; } location / { proxy_pass http://$upstream; proxy_set_header Host $host; proxy_connect_timeout 3600; proxy_send_timeout 3600; proxy_read_timeout 3600; proxy_set_header X-Real-IP $remote_addr; proxy_buffering off; proxy_request_buffering off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto http; } }

3、集成LDAP

字段 内容
Name AD
LDAP server address ldap://10.11.10.1:389
Search Base DN ou=opsbugs,dc=opsbugs,dc=com
Authentication method Simple Authenticaition
Username or DN Administrator@opsbugs.com
Password
Conflguration template Active Directory
User relative DN
User filter (&(|(objectclass=person))(|(|(memberof=CN=运维,OU=运维,OU=opsbugs,DC=opsbugs,DC=com))))

部署helm仓库

 helm repo <span class="token function">add</span> opsbugshttps://nexus.opsbugs.com/repository/charts/ helm repo <span class="token function">add</span> bitnami https://charts.bitnami.com/bitnami  helm pull bitnami/postgresql-ha  helm plugin <span class="token function">install</span> --version master https://github.com/sonatype-nexus-community/helm-nexus-push.git  helm nexus-push opsbugs postgresql-ha-8.6.11.tgz -u xxx -p xxx  helm package ray/ helm nexus-push opsbugs ray-0.1.0.tgz -u xxx -p xxxx 
 helm repo <span class="token function">add</span> opsbugshttps://nexus.opsbugs.com/repository/charts/ helm repo <span class="token function">add</span> bitnami https://charts.bitnami.com/bitnami  helm pull bitnami/postgresql-ha  helm plugin <span class="token function">install</span> --version master https://github.com/sonatype-nexus-community/helm-nexus-push.git  helm nexus-push opsbugs postgresql-ha-8.6.11.tgz -u xxx -p xxx  helm package ray/ helm nexus-push opsbugs ray-0.1.0.tgz -u xxx -p xxxx 
 helm repo add opsbugshttps://nexus.opsbugs.com/repository/charts/ helm repo add bitnami https://charts.bitnami.com/bitnami  helm pull bitnami/postgresql-ha  helm plugin install --version master https://github.com/sonatype-nexus-community/helm-nexus-push.git  helm nexus-push opsbugs postgresql-ha-8.6.11.tgz -u xxx -p xxx  helm package ray/ helm nexus-push opsbugs ray-0.1.0.tgz -u xxx -p xxxx

原文链接:https://blog.csdn.net/weixin_45027467/article/details/124978916

© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。 本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END
群晖
喜欢就支持一下吧
点赞0 分享
相关推荐
吞天雀AI助手-陌上烟雨遥
文章目录
幻灯片-陌上烟雨遥

群晖nas和微软服务器差别,群晖nas和希捷家庭云服务器区别

阿里云轻量应用服务器2核4G配置5M带宽优惠价格100元/年1100GB流量

阿里云【SSL证书】购买->申请->负载均衡部署配置流程(附图)

在Ubuntu上配置jdk1.8、部署ActiveMQ、NTP时间服务器、NGINX、Redis

SSL证书

VMware配置Ubuntu操作系统(图文详细)

SpringBoot启动jar配置SSL证书

Linux系统Apache SSL安装与配置

https配置指导

Centos8 docker安装的 nginx(使用本地 hosts 配置域名)实现反向代理失败的解决办法

绿联串口线linux驱动下载,绿联pl2303转串口驱动下载

【教程】群晖Docker安装HomeAssistant

j3455安装linux 4k驱动,J3455安装centos步骤

简单五步设置群晖NAS绑定自有域名实现外网访问

轻松搭建家用nas(10分钟搞懂NAS入门看这篇)

内网穿透工具,连接你的云服务器与本地计算机—-frp的简单使用介绍

AI 系统首次实现真正自主编程,完爆初级程序员

群晖NAS部署nas-tools之一:nastool、qbittorrent、plex安装和基础设置

黑群晖安装和使用的常见问题及解决办法【不定期更新中】

手把手教你组建搭建黑群晖NAS第二篇:教你怎么安装黑群晖系统详细教程

Openwrt 作为旁路网关(不是旁路由!!)正确配置方法,性能测试 —— 破解迷思

群晖安装OpenWrt(iStoreOS)构建旁路由配置

群晖套件推荐哪些(2023年9款群晖套件推荐)

套件开发 群晖nas_群晖NAS套件中心无法打开,以及quickconnect远程访问无法登录的解决办法…

群晖docker必装软件(群晖docker使用教程)

【总结】PT入门教程 -以m-team.cc 馒头为例 邀请码分享

群晖虚拟机VMM装OpenWrt软路由宽带跑不满的一些坑

NAS | 群晖安装 qBittorrent 套件并优化设置、替换 UI(非 docker 安装) | 醉渔小站

群晖NAS如何设置管理IP及固定IP

群晖nas同步微云方法(用第三方套件通过Cloud)

联发科x30处理器相当于骁龙多少

骁龙8+处理器怎么样 骁龙8+相当于天玑多少

三星、台积电都被美国人控股?任正非:华为就是要九死一生

天玑92000相当于骁龙多少处理器(天玑920780g)

为什么主流NAS产品的外网访问速度都很慢?

12代cpu性能天梯图

「NAS」黑群晖7.1最新版本合集(DS918+/DS3617xs/DS3622xs,04月22日更新支持7.1.1-42962-Update5)

openwrt系统下修改网关_「超详细教程」在群晖安装openwrt软路由

骁龙处理器排名手机处理器排名2023天梯榜

群晖NAS系统如何配置网口聚合方法教程

换新网络后,群辉NAS如何手动更换为新静态IP-陌上烟雨遥
2405人已阅读
换新网络后,群辉NAS如何手动更换为新静态IP
TOP1
Openwrt 作为旁路网关(不是旁路由!!)正确配置方法,性能测试 —— 破解迷思-陌上烟雨遥
Openwrt 作为旁路网关(不是旁路由!!)正确配置方法,性能测试 —— 破解迷思
2年前2255人已阅读
TOP2
如何查看群晖套件的安装目录及套件位置-陌上烟雨遥
如何查看群晖套件的安装目录及套件位置
2年前2060人已阅读
TOP3
群晖安装OpenWrt(iStoreOS)构建旁路由配置-陌上烟雨遥
群晖安装OpenWrt(iStoreOS)构建旁路由配置
2年前2017人已阅读
TOP4
移动宽带配置IPV6环境,通过外网访问群晖NAS-陌上烟雨遥
移动宽带配置IPV6环境,通过外网访问群晖NAS
2年前1874人已阅读
TOP5
群晖套件推荐哪些(2023年9款群晖套件推荐)-陌上烟雨遥
群晖套件推荐哪些(2023年9款群晖套件推荐)
2年前1684人已阅读
TOP6
黑群晖菜鸟安装教程(一)制作U盘引导及软洗白!-陌上烟雨遥
黑群晖菜鸟安装教程(一)制作U盘引导及软洗白!
2年前1682人已阅读
TOP7
群晖NAS搭建DDNS服务操作和步骤(使用dnspod域名解析)-陌上烟雨遥
群晖NAS搭建DDNS服务操作和步骤(使用dnspod域名解析)
2年前1569人已阅读
TOP8
【保姆教程】115网盘终于支持群晖nas啦!手把手教你群晖NAS-docker安装115网盘!-陌上烟雨遥
【保姆教程】115网盘终于支持群晖nas啦!手把手教你群晖NAS-docker安装115网盘!
2年前1556人已阅读
TOP9
iStoreOS 使用 阿里云 ddns + https-陌上烟雨遥
iStoreOS 使用 阿里云 ddns + https
2年前1497人已阅读
TOP10
热搜标签
nas群晖dockerwordpress软件DDNS路由硬盘存储硬盘docker命令https域名电脑硬盘mysqlfrpseo电脑nas存储frp内网穿透镜像固态硬盘域名服务器nas服务器linux系统阿里OpenWrt域名解析网站服务器linux服务器虚拟机
文章分类
陌上云铁威马路由器读书笔记群晖绿联ugnas极空间新随笔数码资讯教程转载教程学习技术经验心情随笔小米NAS宝塔威联通域名优质教程产品推荐云计算