Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added postgres configuration files #144

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,9 @@ target/
atlassian-ide-plugin.xml
dependency-reduced-pom.xml
out

#License file
*.lic
*.crt
*.key
*.pfx
108 changes: 108 additions & 0 deletions Dockerfile.rh.postgresql.centos
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
# Copyright (c) 2016-present Sonatype, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

FROM centos:centos7

LABEL name="Nexus Repository Manager" \
maintainer="Sonatype <[email protected]>" \
vendor=Sonatype \
version="3.40.1-01" \
release="3.40.1" \
url="https://sonatype.com" \
summary="The Nexus Repository Manager server \
with universal support for popular component formats." \
description="The Nexus Repository Manager server \
with universal support for popular component formats." \
run="docker run -d --name NAME \
-p 8081:8081 \
IMAGE" \
stop="docker stop NAME" \
com.sonatype.license="Apache License, Version 2.0" \
com.sonatype.name="Nexus Repository Manager base image" \
io.k8s.description="The Nexus Repository Manager server \
with universal support for popular component formats." \
io.k8s.display-name="Nexus Repository Manager" \
io.openshift.expose-services="8081:8081" \
io.openshift.tags="Sonatype,Nexus,Repository Manager"

ARG NEXUS_VERSION=3.40.1-01
ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/nexus/3/nexus-${NEXUS_VERSION}-unix.tar.gz
ARG NEXUS_DOWNLOAD_SHA256_HASH=97f4e847e5c2ba714b09456f9fb5f449c7e89b2f0a2b8c175f36cc31f345774e

# configure nexus runtime
ENV SONATYPE_DIR=/opt/sonatype
ENV NEXUS_HOME=${SONATYPE_DIR}/nexus \
NEXUS_DATA=/nexus-data \
NEXUS_CONTEXT='' \
SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \
DOCKER_TYPE='rh-docker'

ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION="release-0.5.20220111-153152.2b86c3a"
ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL="https://github.com/sonatype/chef-nexus-repository-manager/releases/download/${NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION}/chef-nexus-repository-manager.tar.gz"


ADD solo.json.erb /var/chef/solo.json.erb


# Install using chef-solo
RUN curl -L https://omnitruck.chef.io/install.sh | bash -s -- -v 14.12.9 \
&& /opt/chef/embedded/bin/erb /var/chef/solo.json.erb > /var/chef/solo.json \
&& chef-solo \
--node_name nexus_repository_red_hat_docker_build \
--recipe-url ${NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL} \
--json-attributes /var/chef/solo.json \
&& rpm -qa *chef* | xargs rpm -e \
&& rpm --rebuilddb \
&& rm -rf /etc/chef \
&& rm -rf /opt/chefdk \
&& rm -rf /var/cache/yum \
&& rm -rf /var/chef

#Configure Nexus
#

ARG POSTGRES_USER
ARG POSTGRES_PASSWORD
ARG POSTGRES_DB
RUN mkdir ${NEXUS_DATA}/etc/fabric

ADD config/nexus.properties ${NEXUS_DATA}/etc/nexus.properties

RUN sed -i "s/POSTGRES_USER/${POSTGRES_USER}/g" ${NEXUS_DATA}/etc/nexus.properties
RUN sed -i "s/POSTGRES_PASSWORD/${POSTGRES_PASSWORD}/g" ${NEXUS_DATA}/etc/nexus.properties
RUN sed -i "s/POSTGRES_DB/${POSTGRES_DB}/g" ${NEXUS_DATA}/etc/nexus.properties

ADD config/nexus-store.properties ${NEXUS_DATA}/etc/fabric/nexus-store.properties

RUN sed -i "s/POSTGRES_USER/${POSTGRES_USER}/g" ${NEXUS_DATA}/etc/fabric/nexus-store.properties
RUN sed -i "s/POSTGRES_PASSWORD/${POSTGRES_PASSWORD}/g" ${NEXUS_DATA}/etc/fabric/nexus-store.properties
RUN sed -i "s/POSTGRES_DB/${POSTGRES_DB}/g" ${NEXUS_DATA}/etc/fabric/nexus-store.properties

RUN chown nexus:nexus -R ${NEXUS_DATA}/etc/fabric ${NEXUS_DATA}/etc/fabric/nexus-store.properties


#Add license
ARG LICENSE
ADD ${LICENSE} ${NEXUS_DATA}/license.lic

VOLUME ${NEXUS_DATA}

EXPOSE 8081

USER nexus

ENV INSTALL4J_ADD_VM_PARAMS="-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs"

ENTRYPOINT ["/uid_entrypoint.sh"]
CMD ["sh", "-c", "${SONATYPE_DIR}/start-nexus-repository-manager.sh"]
17 changes: 14 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -91,9 +91,9 @@ We are using `rspec` as the test framework. `serverspec` provides a docker backe
A Red Hat certified container image can be created using [Dockerfile.rh.ubi](https://github.com/sonatype/docker-nexus3/blob/master/Dockerfile.rh.ubi) which is built to be compliant with Red Hat certification.
The image includes additional meta data to comform with Kubernetes and OpenShift standards, a directory with the
licenses applicable to the software and a man file for help on how to use the software. It also uses an ENTRYPOINT
script the ensure the running user has access to the appropriate permissions for OpenShift 'restricted' SCC.
script the ensure the running user has access to the appropriate permissions for OpenShift 'restricted' SCC.

The Red Hat certified container image is available from the
The Red Hat certified container image is available from the
[Red Hat Container Catalog](https://access.redhat.com/containers/#/registry.connect.redhat.com/sonatype/nexus-repository-manager)
and qualified accounts can pull it from registry.connect.redhat.com.

Expand Down Expand Up @@ -133,7 +133,7 @@ process, which runs as UID 200.

Of particular note, `-Djava.util.prefs.userRoot=/some-other-dir` can be set to a persistent path, which will maintain
the installed Nexus Repository License if the container is restarted.

Be sure to check the [memory requirements](https://help.sonatype.com/display/NXRM3/System+Requirements#SystemRequirements-MemoryRequirements) when deciding how much heap and direct memory to allocate.

* Another environment variable can be used to control the Nexus Context Path
Expand Down Expand Up @@ -169,6 +169,17 @@ for additional information.
$ mkdir /some/dir/nexus-data && chown -R 200 /some/dir/nexus-data
$ docker run -d -p 8081:8081 --name nexus -v /some/dir/nexus-data:/nexus-data sonatype/nexus3
```
### PostgreSQL support
Licence key is mandatory

configure database and licence variable

```
docker-compose -f docker-compose.postgresql.yml up
```

Docker compose use Dockerfile.rh.postgresql.centos


## Getting Help

Expand Down
5 changes: 5 additions & 0 deletions config/nexus-store.properties
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
username=POSTGRES_USER
password=POSTGRES_PASSWORD
name=nexus
type=jdbc
jdbcUrl=jdbc\:postgresql\://postgresql\:5432/POSTGRES_DB
6 changes: 6 additions & 0 deletions config/nexus.properties
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
nexus.datastore.enabled=true
nexus.licenseFile=${NEXUS_DATA}/license.lic
nexus.datastore.enabledi=true
nexus.datastore.nexus.jdbcUrl=jdbc\:postgresql\://postgresql\:5432/POSTGRES_DB
nexus.datastore.nexus.username=POSTGRES_USER
nexus.datastore.nexus.password=POSTGRES_PASSWORD
82 changes: 82 additions & 0 deletions docker-compose.postgresql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
version: "3"
services:
# HTTPS proxy
nginx-proxy:
image: nginxproxy/nginx-proxy:alpine
container_name: nginx-proxy
restart: always
ports:
- "80:80"
- "443:443"
volumes:
# Keep the dhparams (Should generate on the first run)
- dhparam:/etc/nginx/dhparam

# Push the certs to nginx
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./etc_nginx_certs:/etc/nginx/certs
- ./var_log_nginx:/var/log/nginx
- ./etc_nginx_conf.d/client_max_body_size.conf:/etc/nginx/conf.d/client_max_body_size.conf:ro

depends_on:
- nexus
# Artifact storage
nexus:
container_name: nexus
environment:
VIRTUAL_HOST: "nexus-new.fields.local"
VIRTUAL_PORT: "8081"
build:
context: .
dockerfile: Dockerfile.rh.postgresql.centos
args:
LICENSE: sonatype-repository-manager-trial.lic
POSTGRES_USER: nexus3
POSTGRES_PASSWORD: REDACTED
POSTGRES_DB: nexus3
ports:
- "8081"

restart: always
stop_grace_period: 2m
volumes:
- nexus-data:/nexus-data
depends_on:
- postgres

adminer:
image: adminer
container_name: adminer
restart: always
environment:
VIRTUAL_HOST: "adminer.fields.local"
VIRTUAL_PORT: "8080"
ADMINER_DEFAULT_SERVER: postgresql
ports:
- "8080"
depends_on:
- postgres

# PostgreSQL Database
postgres:
image: postgres:latest
container_name: postgresql
restart: always
ports:
- "5432"
environment:
POSTGRES_USER: nexus3
POSTGRES_PASSWORD: REDACTED
POSTGRES_DB: nexus3
volumes:
- pgdata:/var/lib/postgresql/data

volumes:
nexus-data:
pgdata:
dhparam:

networks:
default:
external:
name: nginx-proxy
1 change: 1 addition & 0 deletions etc_nginx_conf.d/client_max_body_size.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
client_max_body_size 150m;