nexus
: Install and configure Sonatype Nexus Repository Manager 3.nexus::config::admin
: Manage the nexus repository manager administrator accountnexus::config::anonymous
: Manage if anonymous user have access to nexus repository managernexus::config::default_repositories
: Removes the default repositories for maven and nugetnexus::config::device
: Create puppet device config used to connect to the rest apinexus::config::email
: Manage the nexus repository manager email settingsnexus::config::properties
: A short summary of the purpose of this classnexus::plugin::composer
: Install the composer repository format plugin
nexus::config
: Configure nexus repository managernexus::package
: Install the Nexus Repository Manager packagenexus::plugin
: Base class used by plugin classesnexus::service
: Maintains the Nexus servicenexus::user
: Manages the operation system user account which is used to start up the service
nexus::resource::blobstore::file
: Resource to manage (local) file blobstorenexus::resource::repository::apt::proxy
: Resource to manage apt proxy repositorynexus::resource::repository::docker::group
: Resource to manage docker group repositorynexus::resource::repository::docker::hosted
: Resource to manage docker hosted repositorynexus::resource::repository::docker::proxy
: Resource to manage docker proxy repositorynexus::resource::repository::npm::group
: Resource to manage npm group repositorynexus::resource::repository::npm::hosted
: Resource to manage npm hosted repositorynexus::resource::repository::npm::proxy
: Resource to manage npm proxy repositorynexus::resource::repository::yum::hosted
: Resource to manage yum hosted repositorynexus::resource::repository::yum::proxy
: Resource to manage yum proxy repository
nexus_blobstore
: Raw provider to configure blobstore over the nexus repository manager rest api. Please use the defined types instead of this one directly.nexus_repository
: Raw provider to configure repository over the nexus repository manager rest api. Please use the defined types instead of this one directly.nexus_setting
: Raw provider to set settings over the nexus repository manager rest api. Please use nexus::config::* classes instead of this one directly.nexus_user
: Manage nexus repository users
Install and configure Sonatype Nexus Repository Manager 3.
class{ 'nexus':
version => '3.37.3-02',
}
The following parameters are available in the nexus
class:
version
download_folder
download_site
download_proxy
install_root
work_dir
user
group
host
port
manage_api_resources
manage_config
manage_user
manage_work_dir
purge_installations
purge_default_repositories
Data type: Pattern[/3.\d+.\d+-\d+/]
The version to download, install and manage.
Data type: Stdlib::Absolutepath
Destination folder of the downloaded archive.
Data type: Stdlib::HTTPUrl
Download uri which will be appended with filename of the archive to download.
Data type: Optional[Stdlib::HTTPUrl]
Proxyserver address which will be used to download the archive file.
Data type: Stdlib::Absolutepath
The root filesystem path where the downloaded archive will be extracted to.
Data type: Stdlib::Absolutepath
The nexus repository manager working directory which contains the embedded database and local blobstores.
Data type: String[1]
The operation system user used to start the nexus repository manager service.
Data type: String[1]
The operation system group used to start the nexus repository manager service.
Data type: Stdlib::Host
The bind address where the nexus repository manager service should bind to.
Data type: Stdlib::Port
The port which the nexus repository manager service should use.
Data type: Boolean
Set if this module should manage resources which require to be set over the nexus repository manager rest api.
Data type: Boolean
Set if this module should manage the config file of nexus repository manager.
Data type: Boolean
Set if this module should manage the creation of the operation system user.
Data type: Boolean
Set if this module should manage the work directory of the nexus repository manager.
Data type: Boolean
Set this option if you want old installations of nexus repository manager to get automatically deleted.
Data type: Boolean
Set this option if you want to remove the default created maven and nuget repositories.
Manage the nexus repository manager administrator account
include nexus::config::admin
The following parameters are available in the nexus::config::admin
class:
Data type: String[1]
The username of the administrator.
Default value: 'admin'
Data type: String[1]
The first name of the administrator.
Default value: 'Administrator'
Data type: String[1]
The last name of the administrator.
Default value: 'User'
Data type: String[1]
The email address of the administrator.
Default value: 'admin@example.org'
Data type: Array[String[1]]
The assigned roles of the administrator. It should include 'nx-admin'.
Default value: ['nx-admin']
Data type: Optional[Variant[String[1], Sensitive[String[1]]]]
The password of the administrator. If not given there will be generated a random password.
Default value: undef
Manage if anonymous user have access to nexus repository manager
include nexus::config::anonymous
The following parameters are available in the nexus::config::anonymous
class:
Data type: Boolean
Enable if anonymous/not logged in user have access to nexus repository manager.
Default value: false
Data type: String[1]
The nexus repository manager user id/name used to determine access.
Default value: 'anonymous'
Data type: String[1]
Realm name used for anonymous user.
Default value: 'NexusAuthorizingRealm'
Removes the default repositories for maven and nuget
include nexus::config::default_repositories
Create puppet device config used to connect to the rest api
Manage the nexus repository manager email settings
include nexus::config::email
The following parameters are available in the nexus::config::email
class:
enabled
host
port
username
password
from_address
subject_prefix
start_tls_enabled
start_tls_required
ssl_on_connect_enabled
ssl_server_identity_check_enabled
nexus_trust_store_enabled
Data type: Boolean
Enable to let nexus repository manager send emails.
Default value: false
Data type: Stdlib::Host
The smtp host to connect to.
Default value: 'localhost'
Data type: Stdlib::Port
The port to connect to send emails.
Default value: 25
Data type: String
The username to connect to the smtp server.
Default value: ''
Data type: Optional[String]
The password to connect to the smtp server.
Default value: undef
Data type: String[1]
The email address used to set as From-Header.
Default value: 'nexus@example.org'
Data type: String
Prefix which will be added to all emails.
Default value: ''
Data type: Boolean
Enable STARTTLS support for insecure connections.
Default value: false
Data type: Boolean
Require STARTTLS support.
Default value: false
Data type: Boolean
Enable SSL/TLS encryption upon connection.
Default value: false
Data type: Boolean
Enable server identity check.
Default value: false
Data type: Boolean
Use certificates stored in the Nexus truststore to connect to external systems.
Default value: false
A description of what this class does
include nexus::config::properties
Install the composer repository format plugin
class { 'nexus':
version => '3.34.3-02',
}
class { 'nexus::plugin::composer':
version => '0.0.18',
}
The following parameters are available in the nexus::plugin::composer
class:
Data type: Pattern[/\d+.\d+.\d+/]
The composer repository format plugin version.
Resource to manage (local) file blobstore
nexus::blobstore::file { 'apt-hosted': }
The following parameters are available in the nexus::resource::blobstore::file
defined type:
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent
Default value: 'present'
Data type: Variant[Stdlib::Absolutepath, String[1]]
The (local) path of the disk where the content of the blobstore should be stored. Non absolute paths will use the working directory as base path. The nexus (service) user needs write access to this path.
Default value: $title
Resource to manage apt proxy repository
nexus::repository::apt::proxy { 'apt-debian':
apt_distribution => $facts['os']['distro']['codename'],
proxy_remote_url => 'https://deb.debian.org/debian/',
}
The following parameters are available in the nexus::resource::repository::apt::proxy
defined type:
apt_distribution
proxy_remote_url
apt_flat
ensure
http_client_auto_block
http_client_blocked
negative_cache_enabled
negative_cache_time_to_live
online
proxy_content_max_age
proxy_metadata_max_age
storage_blob_store_name
storage_strict_content_type_validation
storage_write_policy
Data type: String[1]
APT distribution like buster, bullseye used by nexus repository manager to query the upstream repository.
Data type: Stdlib::HTTPUrl
APT repository url like https://deb.debian.org/debian/.
Data type: Boolean
Is the upstream repository flat format?
Default value: false
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.
Default value: true
Data type: Boolean
Block outbound connections on the repository.
Default value: false
Data type: Boolean
Cache responses for content not present in the proxied repository.
Default value: true
Data type: Integer
How long to cache the fact that a file was not found in the repository (in minutes).
Default value: 1440
Data type: Boolean
Enable this repository in nexus repository manager that it can be used.
Default value: true
Data type: Integer
Max age of content (packages)
Default value: 1440
Data type: Integer
Max age of the repository metadata
Default value: 1440
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Enum['ALLOW']
Controls if deployments of and updates to artifacts are allowed.
Default value: 'ALLOW'
Resource to manage docker group repository
nexus::repository::docker::group { 'docker-group':
group_member_names => [
'docker-hosted',
'docker-docker.io',
],
}
The following parameters are available in the nexus::resource::repository::docker::group
defined type:
ensure
online
storage_blob_store_name
storage_strict_content_type_validation
group_member_names
docker_v1_enabled
docker_force_basic_auth
docker_http_port
docker_https_port
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Allow incoming requests to this repository.
Default value: true
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Array[String[1]]
Ordered array of the (docker) member to be grouped into this repository.
Default value: []
Data type: Boolean
Allow clients to use the V1 API to interact with this repository.
Default value: false
Data type: Boolean
Allow anonymous docker pull ( Docker Bearer Token Realm required ).
Default value: true
Data type: Optional[Stdlib::Port]
Create an HTTP connector at specified port. Normally used if the server is behind a secure proxy.
Default value: undef
Data type: Optional[Stdlib::Port]
Create an HTTPS connector at specified port. Normally used if the server is configured for https.
Default value: undef
Resource to manage docker hosted repository
nexus::repository::docker::hosted { 'docker-hosted':
}
The following parameters are available in the nexus::resource::repository::docker::hosted
defined type:
ensure
online
storage_blob_store_name
storage_strict_content_type_validation
storage_write_policy
component_proprietary_components
docker_v1_enabled
docker_force_basic_auth
docker_http_port
docker_https_port
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Allow incoming requests to this repository.
Default value: true
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Enum['ALLOW','ALLOW_ONCE','DENY']
Controls if deployments of and updates to artifacts are allowed.
Default value: 'ALLOW_ONCE'
Data type: Boolean
Components in this repository count as proprietary for namespace conflict attacks (requires Sonatype Nexus Firewall).
Default value: true
Data type: Boolean
Allow clients to use the V1 API to interact with this repository.
Default value: false
Data type: Boolean
Allow anonymous docker pull ( Docker Bearer Token Realm required ).
Default value: true
Data type: Optional[Stdlib::Port]
Create an HTTP connector at specified port. Normally used if the server is behind a secure proxy.
Default value: undef
Data type: Optional[Stdlib::Port]
Create an HTTPS connector at specified port. Normally used if the server is configured for https.
Default value: undef
Resource to manage docker proxy repository
nexus::repository::docker::proxy { 'docker-docker.io':
proxy_remote_url => 'https://registry-1.docker.io',
}
The following parameters are available in the nexus::resource::repository::docker::proxy
defined type:
proxy_remote_url
ensure
http_client_auto_block
http_client_blocked
negative_cache_enabled
negative_cache_time_to_live
online
proxy_content_max_age
proxy_metadata_max_age
storage_blob_store_name
storage_strict_content_type_validation
storage_write_policy
docker_v1_enabled
docker_force_basic_auth
docker_http_port
docker_https_port
docker_subdomain
docker_proxy_index_type
docker_proxy_index_url
docker_proxy_cache_foreign_layers
docker_proxy_foreign_layer_url_whitelist
Data type: Stdlib::HTTPSUrl
Docker repository url like https://registry-1.docker.io.
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.
Default value: true
Data type: Boolean
Block outbound connections on the repository.
Default value: false
Data type: Boolean
Cache responses for content not present in the proxied repository.
Default value: true
Data type: Integer
How long to cache the fact that a file was not found in the repository (in minutes).
Default value: 1440
Data type: Boolean
Enable this repository in nexus repository manager that it can be used.
Default value: true
Data type: Integer
Max age of content (packages).
Default value: 1440
Data type: Integer
Max age of the repository metadata.
Default value: 1440
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Enum['ALLOW','ALLOW_ONCE','DENY']
Controls if deployments of and updates to artifacts are allowed.
Default value: 'ALLOW'
Data type: Boolean
Allow clients to use the V1 API to interact with this repository.
Default value: false
Data type: Boolean
Allow anonymous docker pull ( Docker Bearer Token Realm required ).
Default value: true
Data type: Optional[Stdlib::Port]
Create an HTTP connector at specified port. Normally used if the server is behind a secure proxy.
Default value: undef
Data type: Optional[Stdlib::Port]
Create an HTTPS connector at specified port. Normally used if the server is configured for https.
Default value: undef
Data type: Optional[Stdlib::Fqdn]
Use the following subdomain to make push and pull requests for this repository.
Default value: undef
Data type: Enum['REGISTRY','HUB','CUSTOM']
Docker index type. See https://help.sonatype.com/repomanager3/nexus-repository-administration/formats/docker-registry/proxy-repository-for-docker#ProxyRepositoryforDocker-ConfiguringaCorrectRemoteStorageandDockerIndexURLPair
Default value: 'HUB'
Data type: Optional[Stdlib::HTTPSUrl]
If docker_proxy_index_type is CUSTOM you have to set the uri of the index api.
Default value: undef
Data type: Boolean
Allow Nexus Repository Manager to download and cache foreign layers.
Default value: false
Data type: Array[String[1]]
Regular expressions used to identify URLs that are allowed for foreign layer requests.
Default value: []
Resource to manage npm group repository
nexus::repository::npm::group { 'npm-group':
group_member_names => [
'npm-hosted',
'npm-npmjs.org',
],
}
The following parameters are available in the nexus::resource::repository::npm::group
defined type:
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Enable this repository in nexus repository manager that it can be used.
Default value: true
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Array[String[1]]
Ordered array of the (npm) member to be grouped into this repository.
Default value: []
Resource to manage npm hosted repository
nexus::repository::npm::hosted { 'npm-hosted': }
The following parameters are available in the nexus::resource::repository::npm::hosted
defined type:
ensure
online
storage_blob_store_name
storage_strict_content_type_validation
storage_write_policy
component_proprietary_components
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Enable this repository in nexus repository manager that it can be used.
Default value: true
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Enum['allow_once']
Controls if deployments of and updates to artifacts are allowed.
Default value: 'allow_once'
Data type: Boolean
Components in this repository count as proprietary for namespace conflict attacks (requires Sonatype Nexus Firewall).
Default value: true
Resource to manage npm proxy repository
nexus::repository::npm::proxy { 'npm-npmjs.org':
proxy_remote_url => 'https://registry.npmjs.org',
}
The following parameters are available in the nexus::resource::repository::npm::proxy
defined type:
proxy_remote_url
ensure
npm_remove_non_cataloged
npm_remove_quarantined
http_client_auto_block
http_client_blocked
negative_cache_enabled
negative_cache_time_to_live
online
proxy_content_max_age
proxy_metadata_max_age
storage_blob_store_name
storage_strict_content_type_validation
storage_write_policy
Data type: Stdlib::HTTPSUrl
NPM repository url like https://registry.npmjs.org.
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Remove non-cataloged versions from the npm package metadata. (Requires IQ: Audit and Quarantine)
Default value: false
Data type: Boolean
Remove quarantined versions from the npm package metadata. (Requires IQ: Audit and Quarantine)
Default value: false
Data type: Boolean
Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.
Default value: true
Data type: Boolean
Block outbound connections on the repository.
Default value: false
Data type: Boolean
Cache responses for content not present in the proxied repository.
Default value: true
Data type: Integer
How long to cache the fact that a file was not found in the repository (in minutes).
Default value: 1440
Data type: Boolean
Enable this repository in nexus repository manager that it can be used.
Default value: true
Data type: Integer
Max age of content (packages).
Default value: 1440
Data type: Integer
Max age of the repository metadata.
Default value: 1440
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Enum['ALLOW','ALLOW_ONCE','DENY']
Controls if deployments of and updates to artifacts are allowed.
Default value: 'ALLOW'
Resource to manage yum hosted repository
nexus::resource::repository::yum::hosted { 'yum-hosted':
repodata_depth => 5,
}
The following parameters are available in the nexus::resource::repository::yum::hosted
defined type:
ensure
online
storage_blob_store_name
storage_strict_content_type_validation
storage_write_policy
component_proprietary_components
repodata_depth
deploy_policy
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Allow incoming requests to this repository.
Default value: true
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Enum['ALLOW','ALLOW_ONCE','DENY']
Controls if deployments of and updates to artifacts are allowed.
Default value: 'ALLOW_ONCE'
Data type: Boolean
Components in this repository count as proprietary for namespace conflict attacks (requires Sonatype Nexus Firewall).
Default value: true
Data type: Integer
Set the depth of the directory in which the repodata/repomd.xml will be generated.
Default value: 0
Data type: Enum['STRICT','PERMISSIVE']
Set the deploy policy, whether or not a redeploy of rpm's is allowed.
Default value: 'STRICT'
Resource to manage yum proxy repository
nexus::resource::repository::yum::proxy { 'yum-oracle-latest':
proxy_remote_url => 'https://yum.oracle.com/repo/OracleLinux/OL7/latest/x86_64/',
}
The following parameters are available in the nexus::resource::repository::yum::proxy
defined type:
proxy_remote_url
ensure
http_client_auto_block
http_client_blocked
negative_cache_enabled
negative_cache_time_to_live
online
proxy_content_max_age
proxy_metadata_max_age
storage_blob_store_name
storage_strict_content_type_validation
storage_write_policy
Data type: Stdlib::HTTPSUrl
yum repository url like https://yum.oracle.com/repo/OracleLinux/OL7/latest/x86_64/.
Data type: Enum['present', 'absent']
Define if the resource should be created/present or deleted/absent.
Default value: 'present'
Data type: Boolean
Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.
Default value: true
Data type: Boolean
Block outbound connections on the repository.
Default value: false
Data type: Boolean
Cache responses for content not present in the proxied repository.
Default value: true
Data type: Integer
How long to cache the fact that a file was not found in the repository (in minutes).
Default value: 1440
Data type: Boolean
Enable this repository in nexus repository manager that it can be used.
Default value: true
Data type: Integer
Max age of content (packages)
Default value: 1440
Data type: Integer
Max age of the repository metadata
Default value: 1440
Data type: String[1]
The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.
Default value: $title
Data type: Boolean
Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.
Default value: true
Data type: Enum['ALLOW']
Controls if deployments of and updates to artifacts are allowed.
Default value: 'ALLOW'
Raw provider to configure blobstore over the nexus repository manager rest api.
Please use the defined types instead of this one directly.
The following properties are available in the nexus_blobstore
type.
Data type: Hash
The config settings of this blobstore definition.
Data type: Enum[present, absent]
Whether this resource should be present or absent on the target system.
Default value: present
Data type: Enum[azure, file, s3]
Blobstore type.
The following parameters are available in the nexus_blobstore
type.
namevar
Data type: String
The name of the resource you want to manage.
Raw provider to configure repository over the nexus repository manager rest api.
Please use the defined types instead of this one directly.
The following properties are available in the nexus_repository
type.
Data type: Hash
The config settings of this repository definition.
Data type: Enum[present, absent]
Whether this resource should be present or absent on the target system.
Default value: present
Data type: String
The format of the resource you want to manage
Data type: Enum[group, hosted, proxy]
Repository type.
The following parameters are available in the nexus_repository
type.
namevar
Data type: String
The name of the resource you want to manage.
Raw provider to set settings over the nexus repository manager rest api.
Please use nexus::config::* classes instead of this one directly.
The following properties are available in the nexus_setting
type.
Data type: Hash
The config settings returned from the given api endpoint.
Data type: Enum[present, absent]
Whether this resource should be present or absent on the target system.
Default value: present
The following parameters are available in the nexus_setting
type.
namevar
Data type: String
The api endpoint of simple nexus config settings.
nexus_user { 'user.name':
ensure => 'present',
user_id => 'user.name',
password => 'hunter2',
first_name => 'Foo',
last_name => 'Bar',
email_address => 'foo.bar@example.org',
status => 'active',
roles => ['nx-admin'],
}
The following properties are available in the nexus_user
type.
Data type: String
The email address of the user.
Data type: Enum[present, absent]
Whether this resource should be present or absent on the target system.
Default value: present
Data type: Optional[Array[String]]
The external assigned roles to the user.
Data type: String
The first name of the user.
Data type: String
The last name of the user.
Data type: Variant[String[1], Sensitive[String[1]]]
The password of the user.
Data type: Boolean
The status of the user if it is read only.
Data type: Array[String]
The roles assigned to the user.
Default value: ["nx-anonymous"]
Data type: String
The datasource of the user. e.g. local or ldap source name.
Default value: default
Data type: Enum[active,disabled,changepassword]
The user status.
Default value: active
The following parameters are available in the nexus_user
type.
namevar
Data type: String
The login name of the user.