1、使用docker-compose部署
<span class="token function">mkdir</span> -p /srv/nexus/nexus-compose/ <span class="token function">mkdir</span> -p /srv/nexus/data <span class="token function">chown</span> <span class="token number">200</span> -R /srv/nexus/data/ version: <span class="token string">'3'</span> services: nexus3: restart: always image: sonatype/nexus3:3.33.1 ports: - <span class="token number">10.11</span>.1.13:8081:8081 - <span class="token number">10.11</span>.1.13:18081:8081 - <span class="token number">10.11</span>.1.13:18082:8082 volumes: - /srv/nexus/data:/nexus-data <span class="token builtin class-name">cd</span> /srv/nexus/nexus-compose/ <span class="token function">docker-compose</span> up -d<span class="token function">mkdir</span> -p /srv/nexus/nexus-compose/ <span class="token function">mkdir</span> -p /srv/nexus/data <span class="token function">chown</span> <span class="token number">200</span> -R /srv/nexus/data/ version: <span class="token string">'3'</span> services: nexus3: restart: always image: sonatype/nexus3:3.33.1 ports: - <span class="token number">10.11</span>.1.13:8081:8081 - <span class="token number">10.11</span>.1.13:18081:8081 - <span class="token number">10.11</span>.1.13:18082:8082 volumes: - /srv/nexus/data:/nexus-data <span class="token builtin class-name">cd</span> /srv/nexus/nexus-compose/ <span class="token function">docker-compose</span> up -dmkdir -p /srv/nexus/nexus-compose/ mkdir -p /srv/nexus/data chown 200 -R /srv/nexus/data/ version: '3' services: nexus3: restart: always image: sonatype/nexus3:3.33.1 ports: - 10.11.1.13:8081:8081 - 10.11.1.13:18081:8081 - 10.11.1.13:18082:8082 volumes: - /srv/nexus/data:/nexus-data cd /srv/nexus/nexus-compose/ docker-compose up -d
2、配置Nginx代理
<span class="token function">cp</span> /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/nexus.conf upstream nexus_website <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:8081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_hosted <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_group <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18082<span class="token punctuation">;</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name nexus.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6172143_nexus.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6172143_nexus.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://nexus_website<span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto <span class="token string">"https"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name repo.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6174303_repo.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6174303_repo.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> chunked_transfer_encoding on<span class="token punctuation">;</span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token variable">$request_method</span> ~* <span class="token string">'GET'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_group"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token variable">$request_uri</span> ~ <span class="token string">'/search'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://<span class="token variable">$upstream</span><span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_connect_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_send_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_read_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_buffering off<span class="token punctuation">;</span> proxy_request_buffering off<span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto http<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span><span class="token function">cp</span> /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/nexus.conf upstream nexus_website <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:8081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_hosted <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18081<span class="token punctuation">;</span> <span class="token punctuation">}</span> upstream nexus_docker_group <span class="token punctuation">{<!-- --></span> server <span class="token number">10.11</span>.1.13:18082<span class="token punctuation">;</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name nexus.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6172143_nexus.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6172143_nexus.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://nexus_website<span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto <span class="token string">"https"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span> server <span class="token punctuation">{<!-- --></span> listen <span class="token number">443</span> ssl http2<span class="token punctuation">;</span> listen <span class="token number">80</span><span class="token punctuation">;</span> server_name repo.opsbugs.com<span class="token punctuation">;</span> ssl_certificate /etc/nginx/cert/6174303_repo.opsbugs.com.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/cert/6174303_repo.opsbugs.com.key<span class="token punctuation">;</span> client_max_body_size 10G<span class="token punctuation">;</span> chunked_transfer_encoding on<span class="token punctuation">;</span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token variable">$request_method</span> ~* <span class="token string">'GET'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_group"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token variable">$request_uri</span> ~ <span class="token string">'/search'</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> <span class="token builtin class-name">set</span> <span class="token variable">$upstream</span> <span class="token string">"nexus_docker_hosted"</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> location / <span class="token punctuation">{<!-- --></span> proxy_pass http://<span class="token variable">$upstream</span><span class="token punctuation">;</span> proxy_set_header Host <span class="token variable">$host</span><span class="token punctuation">;</span> proxy_connect_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_send_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_read_timeout <span class="token number">3600</span><span class="token punctuation">;</span> proxy_set_header X-Real-IP <span class="token variable">$remote_addr</span><span class="token punctuation">;</span> proxy_buffering off<span class="token punctuation">;</span> proxy_request_buffering off<span class="token punctuation">;</span> proxy_set_header X-Forwarded-For <span class="token variable">$proxy_add_x_forwarded_for</span><span class="token punctuation">;</span> proxy_set_header X-Forwarded-Proto http<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span>cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/nexus.conf upstream nexus_website { server 10.11.1.13:8081; } upstream nexus_docker_hosted { server 10.11.1.13:18081; } upstream nexus_docker_group { server 10.11.1.13:18082; } server { listen 443 ssl http2; listen 80; server_name nexus.opsbugs.com; ssl_certificate /etc/nginx/cert/6172143_nexus.opsbugs.com.pem; ssl_certificate_key /etc/nginx/cert/6172143_nexus.opsbugs.com.key; client_max_body_size 10G; location / { proxy_pass http://nexus_website; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto "https"; } } server { listen 443 ssl http2; listen 80; server_name repo.opsbugs.com; ssl_certificate /etc/nginx/cert/6174303_repo.opsbugs.com.pem; ssl_certificate_key /etc/nginx/cert/6174303_repo.opsbugs.com.key; client_max_body_size 10G; chunked_transfer_encoding on; set $upstream "nexus_docker_hosted"; if ( $request_method ~* 'GET') { set $upstream "nexus_docker_group"; } if ($request_uri ~ '/search') { set $upstream "nexus_docker_hosted"; } location / { proxy_pass http://$upstream; proxy_set_header Host $host; proxy_connect_timeout 3600; proxy_send_timeout 3600; proxy_read_timeout 3600; proxy_set_header X-Real-IP $remote_addr; proxy_buffering off; proxy_request_buffering off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto http; } }
3、集成LDAP
字段 | 内容 |
---|---|
Name | AD |
LDAP server address | ldap://10.11.10.1:389 |
Search Base DN | ou=opsbugs,dc=opsbugs,dc=com |
Authentication method | Simple Authenticaition |
Username or DN | Administrator@opsbugs.com |
Password | |
Conflguration template | Active Directory |
User relative DN | 空 |
User filter | (&(|(objectclass=person))(|(|(memberof=CN=运维,OU=运维,OU=opsbugs,DC=opsbugs,DC=com)))) |
部署helm仓库
helm repo <span class="token function">add</span> opsbugshttps://nexus.opsbugs.com/repository/charts/ helm repo <span class="token function">add</span> bitnami https://charts.bitnami.com/bitnami helm pull bitnami/postgresql-ha helm plugin <span class="token function">install</span> --version master https://github.com/sonatype-nexus-community/helm-nexus-push.git helm nexus-push opsbugs postgresql-ha-8.6.11.tgz -u xxx -p xxx helm package ray/ helm nexus-push opsbugs ray-0.1.0.tgz -u xxx -p xxxxhelm repo <span class="token function">add</span> opsbugshttps://nexus.opsbugs.com/repository/charts/ helm repo <span class="token function">add</span> bitnami https://charts.bitnami.com/bitnami helm pull bitnami/postgresql-ha helm plugin <span class="token function">install</span> --version master https://github.com/sonatype-nexus-community/helm-nexus-push.git helm nexus-push opsbugs postgresql-ha-8.6.11.tgz -u xxx -p xxx helm package ray/ helm nexus-push opsbugs ray-0.1.0.tgz -u xxx -p xxxxhelm repo add opsbugshttps://nexus.opsbugs.com/repository/charts/ helm repo add bitnami https://charts.bitnami.com/bitnami helm pull bitnami/postgresql-ha helm plugin install --version master https://github.com/sonatype-nexus-community/helm-nexus-push.git helm nexus-push opsbugs postgresql-ha-8.6.11.tgz -u xxx -p xxx helm package ray/ helm nexus-push opsbugs ray-0.1.0.tgz -u xxx -p xxxx
原文链接:https://blog.csdn.net/weixin_45027467/article/details/124978916
© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。
本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END