Nexus Repository - install and configure using Docker

Feature availability

Integration with Nexus Repository Manager is available only with Enterprise plans. For more information, see plans and pricing.

Before installing, review the prerequisites and the general instructions for installation using Docker.

This integration is useful to ensure a secure connection with your on-premise Nexus Repository Manager deployment.

For information about non-brokered integration with Nexus Repository Manager including supported environments and versions and user permissions, see Nexus Repository Manager setup. For information about brokered integration with Nexus Container Registry see Snyk Broker -Container Registry Agent.

Configure Broker to be used for Nexus plugins

Docker pull for Nexus 3 and Nexus 2 configuration

To use the Broker client with a Nexus 3 deployment, run docker pull snyk/broker:nexus.

To use the Broker client with a Nexus 2 deployment, run docker pull snyk/broker:nexus2.

For definitions of the environment variables, see Nexus Repository - environment variables for Snyk Broker.

Docker run commands to set up Broker Client for Nexus 3 and Nexus 2 integrations

Multi-tenant settings for regions other than the default When you set up Snyk Broker for use in regions other than the default, additional environment variables with specific URLs are required. For the URLs and examples, see Regional hosting and data residency, Broker URLs.

Copy the following command to set up a fully configured Broker Client to use with Nexus 3. You can run the Docker container by providing the relevant configuration:

docker run --restart=always \
           -p 7341:7341 \
           -e BROKER_TOKEN=secret-broker-token \
           -e BASE_NEXUS_URL=https://[<user>:<pass>@]<your.nexus.hostname> \
           -e BROKER_CLIENT_VALIDATION_URL=https://<your.nexus.hostname>/service/rest/v1/status[/check] \
           -e RES_BODY_URL_SUB=https://<your.nexus.hostname>/repository \
       snyk/broker:nexus

Copy the following command to set up a fully configured Broker Client to use with Nexus 2. You can run the Docker container by providing the relevant configuration:

docker run --restart=always \
  -p 7341:7341 \
  -e BROKER_TOKEN=<secret-broker-token> \
  -e BASE_NEXUS_URL=https://[username:password]@acme.com \
  -e RES_BODY_URL_SUB=https://acme.com/nexus/content/(groups|repositories) \
  snyk/broker:nexus2

You can find your BASE_NEXUS_URL by visiting the Nexus UI and navigating to the server tab under Administration, then selecting the Base URL entry without a trailing slash. This will typically end with /nexus, but may vary with non-default deployments. If you have a custom base URL then you must also set the NEXUS_URL environment variable to point to the URL where your repositories live. By default this is configured as /nexus/content but should follow a similar format to your base URL.

As an alternative to using the Docker run command, you can use a derived Docker image to set up the Broker Client integration. See Derived Docker images for the environment variables to override for the Nexus3 integration.

Start the Broker Client container and verify the connection with Nexus Repository Manager

Paste the Broker Client configuration to start the Broker Client container.

Check connection status by making a request to the Broker Client /systemcheck endpoint.

Example: curl http://172.17.0.2:7341/systemcheck

You see success output in the following form:

{"brokerClientValidationUrl":"https://acme.com/service/rest/v1/status","brokerClientValidationMethod":"GET","brokerClientValidationTimeoutMs":5000,"brokerClientValidationUrlStatusCode":200,"ok":true}

Or failure output in the following form:

{"brokerClientValidationUrl":"https://acme.com/service/rest/v1/status","brokerClientValidationMethod":"GET","brokerClientValidationTimeoutMs":5000,"ok":false,"error":"ETIMEDOUT"}

Last updated

More information

Snyk privacy policy

© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.