Skip to content

Latest commit

 

History

History
1818 lines (1025 loc) · 54.7 KB

REFERENCE.md

File metadata and controls

1818 lines (1025 loc) · 54.7 KB

Reference

Table of Contents

Classes

Public Classes

Private Classes

  • nexus::config: Configure nexus repository manager
  • nexus::package: Install the Nexus Repository Manager package
  • nexus::plugin: Base class used by plugin classes
  • nexus::service: Maintains the Nexus service
  • nexus::user: Manages the operation system user account which is used to start up the service

Defined types

Resource types

  • nexus_blobstore: Raw provider to configure blobstore over the nexus repository manager rest api. Please use the defined types instead of this one directly.
  • nexus_repository: Raw provider to configure repository over the nexus repository manager rest api. Please use the defined types instead of this one directly.
  • nexus_setting: Raw provider to set settings over the nexus repository manager rest api. Please use nexus::config::* classes instead of this one directly.
  • nexus_user: Manage nexus repository users

Classes

nexus

Install and configure Sonatype Nexus Repository Manager 3.

Examples

class{ 'nexus':
  version => '3.37.3-02',
}

Parameters

The following parameters are available in the nexus class:

version

Data type: Pattern[/3.\d+.\d+-\d+/]

The version to download, install and manage.

download_folder

Data type: Stdlib::Absolutepath

Destination folder of the downloaded archive.

download_site

Data type: Stdlib::HTTPUrl

Download uri which will be appended with filename of the archive to download.

download_proxy

Data type: Optional[Stdlib::HTTPUrl]

Proxyserver address which will be used to download the archive file.

install_root

Data type: Stdlib::Absolutepath

The root filesystem path where the downloaded archive will be extracted to.

work_dir

Data type: Stdlib::Absolutepath

The nexus repository manager working directory which contains the embedded database and local blobstores.

user

Data type: String[1]

The operation system user used to start the nexus repository manager service.

group

Data type: String[1]

The operation system group used to start the nexus repository manager service.

host

Data type: Stdlib::Host

The bind address where the nexus repository manager service should bind to.

port

Data type: Stdlib::Port

The port which the nexus repository manager service should use.

manage_api_resources

Data type: Boolean

Set if this module should manage resources which require to be set over the nexus repository manager rest api.

manage_config

Data type: Boolean

Set if this module should manage the config file of nexus repository manager.

manage_user

Data type: Boolean

Set if this module should manage the creation of the operation system user.

manage_work_dir

Data type: Boolean

Set if this module should manage the work directory of the nexus repository manager.

purge_installations

Data type: Boolean

Set this option if you want old installations of nexus repository manager to get automatically deleted.

purge_default_repositories

Data type: Boolean

Set this option if you want to remove the default created maven and nuget repositories.

nexus::config::admin

Manage the nexus repository manager administrator account

Examples

include nexus::config::admin

Parameters

The following parameters are available in the nexus::config::admin class:

username

Data type: String[1]

The username of the administrator.

Default value: 'admin'

first_name

Data type: String[1]

The first name of the administrator.

Default value: 'Administrator'

last_name

Data type: String[1]

The last name of the administrator.

Default value: 'User'

email_address

Data type: String[1]

The email address of the administrator.

Default value: 'admin@example.org'

roles

Data type: Array[String[1]]

The assigned roles of the administrator. It should include 'nx-admin'.

Default value: ['nx-admin']

password

Data type: Optional[Variant[String[1], Sensitive[String[1]]]]

The password of the administrator. If not given there will be generated a random password.

Default value: undef

nexus::config::anonymous

Manage if anonymous user have access to nexus repository manager

Examples

include nexus::config::anonymous

Parameters

The following parameters are available in the nexus::config::anonymous class:

enabled

Data type: Boolean

Enable if anonymous/not logged in user have access to nexus repository manager.

Default value: false

user_id

Data type: String[1]

The nexus repository manager user id/name used to determine access.

Default value: 'anonymous'

realm_name

Data type: String[1]

Realm name used for anonymous user.

Default value: 'NexusAuthorizingRealm'

nexus::config::default_repositories

Removes the default repositories for maven and nuget

Examples

include nexus::config::default_repositories

nexus::config::device

Create puppet device config used to connect to the rest api

nexus::config::email

Manage the nexus repository manager email settings

Examples

include nexus::config::email

Parameters

The following parameters are available in the nexus::config::email class:

enabled

Data type: Boolean

Enable to let nexus repository manager send emails.

Default value: false

host

Data type: Stdlib::Host

The smtp host to connect to.

Default value: 'localhost'

port

Data type: Stdlib::Port

The port to connect to send emails.

Default value: 25

username

Data type: String

The username to connect to the smtp server.

Default value: ''

password

Data type: Optional[String]

The password to connect to the smtp server.

Default value: undef

from_address

Data type: String[1]

The email address used to set as From-Header.

Default value: 'nexus@example.org'

subject_prefix

Data type: String

Prefix which will be added to all emails.

Default value: ''

start_tls_enabled

Data type: Boolean

Enable STARTTLS support for insecure connections.

Default value: false

start_tls_required

Data type: Boolean

Require STARTTLS support.

Default value: false

ssl_on_connect_enabled

Data type: Boolean

Enable SSL/TLS encryption upon connection.

Default value: false

ssl_server_identity_check_enabled

Data type: Boolean

Enable server identity check.

Default value: false

nexus_trust_store_enabled

Data type: Boolean

Use certificates stored in the Nexus truststore to connect to external systems.

Default value: false

nexus::config::properties

A description of what this class does

Examples

include nexus::config::properties

nexus::plugin::composer

Install the composer repository format plugin

Examples

class { 'nexus':
   version => '3.34.3-02',
}
class { 'nexus::plugin::composer':
   version => '0.0.18',
}

Parameters

The following parameters are available in the nexus::plugin::composer class:

version

Data type: Pattern[/\d+.\d+.\d+/]

The composer repository format plugin version.

Defined types

nexus::resource::blobstore::file

Resource to manage (local) file blobstore

Examples

nexus::blobstore::file { 'apt-hosted': }

Parameters

The following parameters are available in the nexus::resource::blobstore::file defined type:

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent

Default value: 'present'

path

Data type: Variant[Stdlib::Absolutepath, String[1]]

The (local) path of the disk where the content of the blobstore should be stored. Non absolute paths will use the working directory as base path. The nexus (service) user needs write access to this path.

Default value: $title

nexus::resource::repository::apt::proxy

Resource to manage apt proxy repository

Examples

nexus::repository::apt::proxy { 'apt-debian':
   apt_distribution => $facts['os']['distro']['codename'],
   proxy_remote_url => 'https://deb.debian.org/debian/',
}

Parameters

The following parameters are available in the nexus::resource::repository::apt::proxy defined type:

apt_distribution

Data type: String[1]

APT distribution like buster, bullseye used by nexus repository manager to query the upstream repository.

proxy_remote_url

Data type: Stdlib::HTTPUrl

APT repository url like https://deb.debian.org/debian/.

apt_flat

Data type: Boolean

Is the upstream repository flat format?

Default value: false

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

http_client_auto_block

Data type: Boolean

Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.

Default value: true

http_client_blocked

Data type: Boolean

Block outbound connections on the repository.

Default value: false

negative_cache_enabled

Data type: Boolean

Cache responses for content not present in the proxied repository.

Default value: true

negative_cache_time_to_live

Data type: Integer

How long to cache the fact that a file was not found in the repository (in minutes).

Default value: 1440

online

Data type: Boolean

Enable this repository in nexus repository manager that it can be used.

Default value: true

proxy_content_max_age

Data type: Integer

Max age of content (packages)

Default value: 1440

proxy_metadata_max_age

Data type: Integer

Max age of the repository metadata

Default value: 1440

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

storage_write_policy

Data type: Enum['ALLOW']

Controls if deployments of and updates to artifacts are allowed.

Default value: 'ALLOW'

nexus::resource::repository::docker::group

Resource to manage docker group repository

Examples

nexus::repository::docker::group { 'docker-group':
   group_member_names => [
      'docker-hosted',
      'docker-docker.io',
   ],
}

Parameters

The following parameters are available in the nexus::resource::repository::docker::group defined type:

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

online

Data type: Boolean

Allow incoming requests to this repository.

Default value: true

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

group_member_names

Data type: Array[String[1]]

Ordered array of the (docker) member to be grouped into this repository.

Default value: []

docker_v1_enabled

Data type: Boolean

Allow clients to use the V1 API to interact with this repository.

Default value: false

docker_force_basic_auth

Data type: Boolean

Allow anonymous docker pull ( Docker Bearer Token Realm required ).

Default value: true

docker_http_port

Data type: Optional[Stdlib::Port]

Create an HTTP connector at specified port. Normally used if the server is behind a secure proxy.

Default value: undef

docker_https_port

Data type: Optional[Stdlib::Port]

Create an HTTPS connector at specified port. Normally used if the server is configured for https.

Default value: undef

nexus::resource::repository::docker::hosted

Resource to manage docker hosted repository

Examples

nexus::repository::docker::hosted { 'docker-hosted':
}

Parameters

The following parameters are available in the nexus::resource::repository::docker::hosted defined type:

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

online

Data type: Boolean

Allow incoming requests to this repository.

Default value: true

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

storage_write_policy

Data type: Enum['ALLOW','ALLOW_ONCE','DENY']

Controls if deployments of and updates to artifacts are allowed.

Default value: 'ALLOW_ONCE'

component_proprietary_components

Data type: Boolean

Components in this repository count as proprietary for namespace conflict attacks (requires Sonatype Nexus Firewall).

Default value: true

docker_v1_enabled

Data type: Boolean

Allow clients to use the V1 API to interact with this repository.

Default value: false

docker_force_basic_auth

Data type: Boolean

Allow anonymous docker pull ( Docker Bearer Token Realm required ).

Default value: true

docker_http_port

Data type: Optional[Stdlib::Port]

Create an HTTP connector at specified port. Normally used if the server is behind a secure proxy.

Default value: undef

docker_https_port

Data type: Optional[Stdlib::Port]

Create an HTTPS connector at specified port. Normally used if the server is configured for https.

Default value: undef

nexus::resource::repository::docker::proxy

Resource to manage docker proxy repository

Examples

nexus::repository::docker::proxy { 'docker-docker.io':
   proxy_remote_url => 'https://registry-1.docker.io',
}

Parameters

The following parameters are available in the nexus::resource::repository::docker::proxy defined type:

proxy_remote_url

Data type: Stdlib::HTTPSUrl

Docker repository url like https://registry-1.docker.io.

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

http_client_auto_block

Data type: Boolean

Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.

Default value: true

http_client_blocked

Data type: Boolean

Block outbound connections on the repository.

Default value: false

negative_cache_enabled

Data type: Boolean

Cache responses for content not present in the proxied repository.

Default value: true

negative_cache_time_to_live

Data type: Integer

How long to cache the fact that a file was not found in the repository (in minutes).

Default value: 1440

online

Data type: Boolean

Enable this repository in nexus repository manager that it can be used.

Default value: true

proxy_content_max_age

Data type: Integer

Max age of content (packages).

Default value: 1440

proxy_metadata_max_age

Data type: Integer

Max age of the repository metadata.

Default value: 1440

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

storage_write_policy

Data type: Enum['ALLOW','ALLOW_ONCE','DENY']

Controls if deployments of and updates to artifacts are allowed.

Default value: 'ALLOW'

docker_v1_enabled

Data type: Boolean

Allow clients to use the V1 API to interact with this repository.

Default value: false

docker_force_basic_auth

Data type: Boolean

Allow anonymous docker pull ( Docker Bearer Token Realm required ).

Default value: true

docker_http_port

Data type: Optional[Stdlib::Port]

Create an HTTP connector at specified port. Normally used if the server is behind a secure proxy.

Default value: undef

docker_https_port

Data type: Optional[Stdlib::Port]

Create an HTTPS connector at specified port. Normally used if the server is configured for https.

Default value: undef

docker_subdomain

Data type: Optional[Stdlib::Fqdn]

Use the following subdomain to make push and pull requests for this repository.

Default value: undef

docker_proxy_index_type

Data type: Enum['REGISTRY','HUB','CUSTOM']

Docker index type. See https://help.sonatype.com/repomanager3/nexus-repository-administration/formats/docker-registry/proxy-repository-for-docker#ProxyRepositoryforDocker-ConfiguringaCorrectRemoteStorageandDockerIndexURLPair

Default value: 'HUB'

docker_proxy_index_url

Data type: Optional[Stdlib::HTTPSUrl]

If docker_proxy_index_type is CUSTOM you have to set the uri of the index api.

Default value: undef

docker_proxy_cache_foreign_layers

Data type: Boolean

Allow Nexus Repository Manager to download and cache foreign layers.

Default value: false

docker_proxy_foreign_layer_url_whitelist

Data type: Array[String[1]]

Regular expressions used to identify URLs that are allowed for foreign layer requests.

Default value: []

nexus::resource::repository::npm::group

Resource to manage npm group repository

Examples

nexus::repository::npm::group { 'npm-group':
   group_member_names => [
      'npm-hosted',
      'npm-npmjs.org',
   ],
}

Parameters

The following parameters are available in the nexus::resource::repository::npm::group defined type:

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

online

Data type: Boolean

Enable this repository in nexus repository manager that it can be used.

Default value: true

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

group_member_names

Data type: Array[String[1]]

Ordered array of the (npm) member to be grouped into this repository.

Default value: []

nexus::resource::repository::npm::hosted

Resource to manage npm hosted repository

Examples

nexus::repository::npm::hosted { 'npm-hosted': }

Parameters

The following parameters are available in the nexus::resource::repository::npm::hosted defined type:

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

online

Data type: Boolean

Enable this repository in nexus repository manager that it can be used.

Default value: true

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

storage_write_policy

Data type: Enum['allow_once']

Controls if deployments of and updates to artifacts are allowed.

Default value: 'allow_once'

component_proprietary_components

Data type: Boolean

Components in this repository count as proprietary for namespace conflict attacks (requires Sonatype Nexus Firewall).

Default value: true

nexus::resource::repository::npm::proxy

Resource to manage npm proxy repository

Examples

nexus::repository::npm::proxy { 'npm-npmjs.org':
   proxy_remote_url => 'https://registry.npmjs.org',
}

Parameters

The following parameters are available in the nexus::resource::repository::npm::proxy defined type:

proxy_remote_url

Data type: Stdlib::HTTPSUrl

NPM repository url like https://registry.npmjs.org.

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

npm_remove_non_cataloged

Data type: Boolean

Remove non-cataloged versions from the npm package metadata. (Requires IQ: Audit and Quarantine)

Default value: false

npm_remove_quarantined

Data type: Boolean

Remove quarantined versions from the npm package metadata. (Requires IQ: Audit and Quarantine)

Default value: false

http_client_auto_block

Data type: Boolean

Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.

Default value: true

http_client_blocked

Data type: Boolean

Block outbound connections on the repository.

Default value: false

negative_cache_enabled

Data type: Boolean

Cache responses for content not present in the proxied repository.

Default value: true

negative_cache_time_to_live

Data type: Integer

How long to cache the fact that a file was not found in the repository (in minutes).

Default value: 1440

online

Data type: Boolean

Enable this repository in nexus repository manager that it can be used.

Default value: true

proxy_content_max_age

Data type: Integer

Max age of content (packages).

Default value: 1440

proxy_metadata_max_age

Data type: Integer

Max age of the repository metadata.

Default value: 1440

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

storage_write_policy

Data type: Enum['ALLOW','ALLOW_ONCE','DENY']

Controls if deployments of and updates to artifacts are allowed.

Default value: 'ALLOW'

nexus::resource::repository::yum::hosted

Resource to manage yum hosted repository

Examples

nexus::resource::repository::yum::hosted { 'yum-hosted':
  repodata_depth => 5,
}

Parameters

The following parameters are available in the nexus::resource::repository::yum::hosted defined type:

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

online

Data type: Boolean

Allow incoming requests to this repository.

Default value: true

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

storage_write_policy

Data type: Enum['ALLOW','ALLOW_ONCE','DENY']

Controls if deployments of and updates to artifacts are allowed.

Default value: 'ALLOW_ONCE'

component_proprietary_components

Data type: Boolean

Components in this repository count as proprietary for namespace conflict attacks (requires Sonatype Nexus Firewall).

Default value: true

repodata_depth

Data type: Integer

Set the depth of the directory in which the repodata/repomd.xml will be generated.

Default value: 0

deploy_policy

Data type: Enum['STRICT','PERMISSIVE']

Set the deploy policy, whether or not a redeploy of rpm's is allowed.

Default value: 'STRICT'

nexus::resource::repository::yum::proxy

Resource to manage yum proxy repository

Examples

nexus::resource::repository::yum::proxy { 'yum-oracle-latest':
   proxy_remote_url => 'https://yum.oracle.com/repo/OracleLinux/OL7/latest/x86_64/',
}

Parameters

The following parameters are available in the nexus::resource::repository::yum::proxy defined type:

proxy_remote_url

Data type: Stdlib::HTTPSUrl

yum repository url like https://yum.oracle.com/repo/OracleLinux/OL7/latest/x86_64/.

ensure

Data type: Enum['present', 'absent']

Define if the resource should be created/present or deleted/absent.

Default value: 'present'

http_client_auto_block

Data type: Boolean

Auto-block outbound connections on the repository if remote peer is detected as unreachable/unresponsive.

Default value: true

http_client_blocked

Data type: Boolean

Block outbound connections on the repository.

Default value: false

negative_cache_enabled

Data type: Boolean

Cache responses for content not present in the proxied repository.

Default value: true

negative_cache_time_to_live

Data type: Integer

How long to cache the fact that a file was not found in the repository (in minutes).

Default value: 1440

online

Data type: Boolean

Enable this repository in nexus repository manager that it can be used.

Default value: true

proxy_content_max_age

Data type: Integer

Max age of content (packages)

Default value: 1440

proxy_metadata_max_age

Data type: Integer

Max age of the repository metadata

Default value: 1440

storage_blob_store_name

Data type: String[1]

The name of the blobstore inside of nexus repository manager to be used. We suggest to use a own blobstore for each defined repository.

Default value: $title

storage_strict_content_type_validation

Data type: Boolean

Validate that all content uploaded to this repository is of a MIME type appropriate for the repository format.

Default value: true

storage_write_policy

Data type: Enum['ALLOW']

Controls if deployments of and updates to artifacts are allowed.

Default value: 'ALLOW'

Resource types

nexus_blobstore

Raw provider to configure blobstore over the nexus repository manager rest api.

Please use the defined types instead of this one directly.

Properties

The following properties are available in the nexus_blobstore type.

attributes

Data type: Hash

The config settings of this blobstore definition.

ensure

Data type: Enum[present, absent]

Whether this resource should be present or absent on the target system.

Default value: present

type

Data type: Enum[azure, file, s3]

Blobstore type.

Parameters

The following parameters are available in the nexus_blobstore type.

name

namevar

Data type: String

The name of the resource you want to manage.

nexus_repository

Raw provider to configure repository over the nexus repository manager rest api.

Please use the defined types instead of this one directly.

Properties

The following properties are available in the nexus_repository type.

attributes

Data type: Hash

The config settings of this repository definition.

ensure

Data type: Enum[present, absent]

Whether this resource should be present or absent on the target system.

Default value: present

format

Data type: String

The format of the resource you want to manage

type

Data type: Enum[group, hosted, proxy]

Repository type.

Parameters

The following parameters are available in the nexus_repository type.

name

namevar

Data type: String

The name of the resource you want to manage.

nexus_setting

Raw provider to set settings over the nexus repository manager rest api.

Please use nexus::config::* classes instead of this one directly.

Properties

The following properties are available in the nexus_setting type.

attributes

Data type: Hash

The config settings returned from the given api endpoint.

ensure

Data type: Enum[present, absent]

Whether this resource should be present or absent on the target system.

Default value: present

Parameters

The following parameters are available in the nexus_setting type.

name

namevar

Data type: String

The api endpoint of simple nexus config settings.

nexus_user

nexus_user { 'user.name':
  ensure        => 'present',
  user_id       => 'user.name',
  password      => 'hunter2',
  first_name    => 'Foo',
  last_name     => 'Bar',
  email_address => 'foo.bar@example.org',
  status        => 'active',
  roles         => ['nx-admin'],
}

Properties

The following properties are available in the nexus_user type.

email_address

Data type: String

The email address of the user.

ensure

Data type: Enum[present, absent]

Whether this resource should be present or absent on the target system.

Default value: present

external_roles

Data type: Optional[Array[String]]

The external assigned roles to the user.

first_name

Data type: String

The first name of the user.

last_name

Data type: String

The last name of the user.

password

Data type: Variant[String[1], Sensitive[String[1]]]

The password of the user.

read_only

Data type: Boolean

The status of the user if it is read only.

roles

Data type: Array[String]

The roles assigned to the user.

Default value: ["nx-anonymous"]

source

Data type: String

The datasource of the user. e.g. local or ldap source name.

Default value: default

status

Data type: Enum[active,disabled,changepassword]

The user status.

Default value: active

Parameters

The following parameters are available in the nexus_user type.

user_id

namevar

Data type: String

The login name of the user.