Sonatype Nexus3 - Docker Compose Stack with Nginx Reverse Proxy

# Create folder structure
sudo mkdir -p /opt/nexus3/nexus-data && cd /opt/nexus3

# Change permissions
sudo chown -R 200:200 /opt/nexus3/nexus-data

# Create Docker Compose file
sudo vi docker-compose.yml

version: "2"

services:
  nexus:
    image: sonatype/nexus3:latest
    container_name: nexus
    restart: unless-stopped
    ports:
      - "8081:8081"
    volumes:
      - ./nexus-data:/nexus-data

# Start / create container
sudo docker compose up -d

# Find initial Admin PW
cat /opt/nexus3/nexus-data/admin.password

# Find initial Admin PW: When volume is not mapped to host
docker exec nexus cat /nexus-data/admin.password

# Install Certbot
sudo apt install certbot -y

# Create certificate
sudo certbot certonly --standalone -d nexus3.jklug.work

# Install nginx
sudo apt install nginx -y

# Copy default config
sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/nexus3.jklug.work

# Edit config
sudo vi /etc/nginx/sites-available/nexus3.jklug.work

# nexus3.jklug.work
server {
    listen 443 ssl;
    server_name nexus3.jklug.work;

    ssl_certificate         /etc/letsencrypt/live/nexus3.jklug.work/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/nexus3.jklug.work/privkey.pem;


    location / {
        proxy_pass http://127.0.0.1:8081/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Disable default config
sudo rm /etc/nginx/sites-enabled/default

# Enable config
sudo ln -s /etc/nginx/sites-available/nexus3.jklug.work /etc/nginx/sites-enabled/

# Restart Nginx
sudo systemctl restart nginx

# Open URL
nexus3.jklug.work

# User
admin

# Use default admin PW

# DockerHub
https://hub.docker.com/r/sonatype/nexus3