nexus + docker + nginx proxy with ssl
854 views
Skip to first unread message
Ob Zen
Jul 29, 2017, 2:55:08 PM7/29/17
to Nexus Users
Hi all,
I'm trying to configure nexus with docker repos with nginx proxy.
nexus: 3.4.0-02
nginx conf:
server {
listen ip:9666;
server_name domain:9666;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen ip:9666 default_server ssl;
server_name domain:9666;
client_max_body_size 1G;
ssl_certificate /etc/nginx/ssl/ssl.org.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
proxy_pass http://127.0.0.1:9666;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto "https";
proxy_read_timeout 900;
}
}
Nexus has docker hosted repo with 9666 HTTP port with v1 api checkbox.
After this i trying to login
docker login domain:9666
Username: admin
Password:
Error response from daemon: login attempt to https://domain:9666/v2/ failed with status: 404 Not Found
Nginx log
==> /var/log/nginx/access.log <==
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 301 194 "-" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby os/linux arch/amd64 UpstreamClient
(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 404 719 "https://domain:9666/v2/" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby
os/linux arch/amd64 UpstreamClient(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 301 194 "-" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby os/linux arch/amd64 UpstreamClient
(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 404 719 "https://domain:9666/v2/" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby
os/linux arch/amd64 UpstreamClient(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
Can somebody help me with this problem?
I'm trying to configure nexus with docker repos with nginx proxy.
nexus: 3.4.0-02
nginx conf:
server {
listen ip:9666;
server_name domain:9666;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen ip:9666 default_server ssl;
server_name domain:9666;
client_max_body_size 1G;
ssl_certificate /etc/nginx/ssl/ssl.org.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
proxy_pass http://127.0.0.1:9666;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto "https";
proxy_read_timeout 900;
}
}
Nexus has docker hosted repo with 9666 HTTP port with v1 api checkbox.
After this i trying to login
docker login domain:9666
Username: admin
Password:
Error response from daemon: login attempt to https://domain:9666/v2/ failed with status: 404 Not Found
Nginx log
==> /var/log/nginx/access.log <==
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 301 194 "-" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby os/linux arch/amd64 UpstreamClient
(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 404 719 "https://domain:9666/v2/" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby
os/linux arch/amd64 UpstreamClient(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 301 194 "-" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby os/linux arch/amd64 UpstreamClient
(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
ip - - [29/Jul/2017:21:38:35 +0300] "GET /v2/ HTTP/1.1" 404 719 "https://domain:9666/v2/" "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby
os/linux arch/amd64 UpstreamClient(Docker-Client/17.06.0-ce \x5C(darwin\x5C))"
Can somebody help me with this problem?
Ob Zen
Jul 29, 2017, 3:48:59 PM7/29/17
to Nexus Users
Trace log
==> /opt/sonatype-work/nexus3/log/nexus.log <==
2017-07-29 22:48:08,486+0300 TRACE [qtp1774237764-757] *UNKNOWN org.sonatype.nexus.internal.security.anonymous.AnonymousManagerImpl - Building anonymous subject with user-id: anonymous, realm-name: NexusAuthorizingRealm
==> /opt/sonatype-work/nexus3/log/request.log <==
172.17.40.236 - - [29/Jul/2017:22:48:08 +0300] "GET /v2/ HTTP/1.0" 404 1833 3 "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby os/linux arch/amd64 UpstreamClient(Docker-Client/17.06.0-ce \(darwin\))"
суббота, 29 июля 2017 г., 21:55:08 UTC+3 пользователь Ob Zen написал:
==> /opt/sonatype-work/nexus3/log/nexus.log <==
2017-07-29 22:48:08,486+0300 TRACE [qtp1774237764-757] *UNKNOWN org.sonatype.nexus.internal.security.anonymous.AnonymousManagerImpl - Building anonymous subject with user-id: anonymous, realm-name: NexusAuthorizingRealm
==> /opt/sonatype-work/nexus3/log/request.log <==
172.17.40.236 - - [29/Jul/2017:22:48:08 +0300] "GET /v2/ HTTP/1.0" 404 1833 3 "docker/17.06.0-ce go/go1.8.3 git-commit/02c1d87 kernel/4.9.31-moby os/linux arch/amd64 UpstreamClient(Docker-Client/17.06.0-ce \(darwin\))"
суббота, 29 июля 2017 г., 21:55:08 UTC+3 пользователь Ob Zen написал:
Ob Zen
Jul 29, 2017, 5:14:14 PM7/29/17
to Nexus Users
Problem was solved. It was nginx problem. I fixed it.
To view this discussion on the web visit https://groups.google.com/a/glists.sonatype.com/d/msgid/nexus-users/d5b25295-7ca2-4b8e-9238-d2b69df22310%40glists.sonatype.com.--
You received this message because you are subscribed to a topic in the Google Groups "Nexus Users" group.
To unsubscribe from this topic, visit https://groups.google.com/a/glists.sonatype.com/d/topic/nexus-users/WstFhbYth_M/unsubscribe.
To unsubscribe from this group and all its topics, send an email to nexus-users+unsubscribe@glists.sonatype.com.
To post to this group, send email to nexus...@glists.sonatype.com.
Brantone
Apr 12, 2018, 4:00:13 AM4/12/18
to Nexus Users
And what was the fix?!?
To unsubscribe from this group and all its topics, send an email to nexus-users...@glists.sonatype.com.
Глеб Ференци
Apr 12, 2018, 4:41:10 AM4/12/18
to Nexus Users
My nginx vh now:
server {
listen ip:9666 ssl;
server_name nexus:9666;
client_max_body_size 1G;
ssl_certificate /etc/nginx/ssl/nexus.crt;
ssl_certificate_key /etc/nginx/ssl/nexus.key;
server {
listen ip:9666 ssl;
server_name nexus:9666;
client_max_body_size 1G;
ssl_certificate /etc/nginx/ssl/nexus.crt;
ssl_certificate_key /etc/nginx/ssl/nexus.key;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
proxy_pass http://127.0.0.1:9666;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_read_timeout 900;
}
}
proxy_read_timeout 900;
}
}
четверг, 12 апреля 2018 г., 11:00:13 UTC+3 пользователь Brantone написал:
Brantone
Apr 12, 2018, 5:50:14 AM4/12/18
to Nexus Users
Ah I see! Nice!!
Thanks, that helps!!
Reply all
Reply to author
Forward
0 new messages