Documentation
Getting Started

Getting Started

Installing the collection 

ansible-galaxy collection install cloudkrafter.nexus

Initial setup and using the nexus_oss role

playbook.yml
1
2
3
4
5
6

- name: Provisioning Playbook (former fork of thoteam/nexus_oss role)
  hosts: all
  collections:
    - cloudkrafter.nexus
  roles:
    - role: cloudkrafter.nexus.nexus_oss

Running desired-state configurations

⚠️
The config_api role uses a different approach to set defaults. If you override the _nexus_repos_maven_defaults variable for example, make sure you apply the same defaults to the nexus_repos_global_defaults, nexus_repos_type_defaults and nexus_repos_format_defaults dictionaries! See role defaults for the full dictionaries.

Once you have a working Nexus instance, you can execute most configuration tasks without rebooting your Nexus instance.

⚠️
The config_api role will ensure a desired state. For example repositories not defined in nexus_repos_*_* will be DELETED in your Nexus instance. If you don’t want this, stick with the nexus_oss role.
playbook.yml
1
2
3
4
5
6

- name: Run Desired state config
  hosts: all
  collections:
    - cloudkrafter.nexus
  roles:
    - role: cloudkrafter.nexus.config_api

You can also use both roles in one play:

playbook.yml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10

- name: Playbook
  hosts: all
  vars:
    # Disables the creation and modification of assets such as repos using the nexus_oss role
    nexus_run_provisionning: false
  collections:
    - cloudkrafter.nexus
  roles:
    - role: cloudkrafter.nexus.nexus_oss # Still ensuring the Nexus server configs
    - role: cloudkrafter.nexus.config_api # Creating, updating or deleting assets such as LDAP servers

Using tags for an execution strategy

All tasks are tagged to allow certain parts to be executed.

Available tags:

license
security-anonymous-access
user-tokens
ssl-truststore
ldap
security-realms
cleanup-policies
routing-rules
content-selectors
blobstores
privileges
roles
users
repositories
maven-hosted
maven-proxy
maven
apt-hosted
apt-proxy
apt
cargo-hosted
cargo-proxy
cargo
cocoapods-proxy
cocoapods
conan-hosted
conan-proxy
conan
conda-proxy
conda
docker-hosted
docker-proxy
docker
gitlfs-hosted
gitlfs
go-proxy
go
helm-hosted
helm-proxy
helm
npm-hosted
npm-proxy
npm
nuget-hosted
nuget-proxy
nuget
pypi-hosted
pypi-proxy
pypi
raw-hosted
raw-proxy
raw
r-hosted
r-proxy
r
p2-proxy
p2
rubygems-hosted
rubygems-proxy
rubygems
yum-hosted
yum-proxy
yum
⚠️
Yellow tags always depend on another tag, so you’ll need to combine them. For example --tags="repositories,maven-hosted" to configure hosted maven repositories only. or --tags="roles,users" to configure roles and users.

When no tags are specified, all tasks will be executed.

🚫
There are no *-group tags! Groups are always depending on either hosted or proxy repos. Therefore group repos can be configured using the format tag of a group, for example --tags="repositories,maven"

Dry run

Sometimes you want to see what will be changed before proceeding. By setting the nexus_config_dry_run: true variable, the role will still show you what would have been changed upon a regular playbook run, without making any changes to your repositories.

To only show changed items in your Ansible logs you can do the following:

ansible.cfg
[defaults]
display_skipped_hosts = false
display_ok_hosts = false

or in your terminal session:

# Only show possible changes
export ANSIBLE_DISPLAY_SKIPPED_HOSTS=false
export ANSIBLE_DISPLAY_OK_HOSTS=false
ansible-playbook -i all playbook.yml -e nexus_config_dry_run=true

Examples for execution strategies 

# Only configure cleanup policies
ansible-playbook -i all --tags cleanup-policies playbook.yml

[Optional] Enabling Nexus Repository Manager Pro

If you want to enable the Pro features, please note that you have to provide your own license. If your Nexus instance is already running on the Pro version, you still need the nexus_enable_pro_version variable set to be true, otherwise the nexus_enable_pro_version will default to false resulting in disabling Pro features and removing your license, to comply with desired-state principles.

If you set nexus_enable_pro_version to true, you must provide a base64 encoded license file.

Either by setting the NEXUS_LICENSE_B64 environment variable on the system that executes your playbook or by providing a base64 encoded license string in your vars.

group_vars/all.yml
1
2

nexus_enable_pro_version: true
nexus_license_b64: <your Nexus .lic license file encoded into a base64 string>`

Next

When ready, explore the role capabilities and configurations:

Config API Role Nexus OSS Role
Last updated on