0x01 maven介绍
Maven是一个强大的项目管理工具,其构建特性被普遍用于项目管理,Maven本身也是由Java所开发,它的出现给项目管理带来了极大的方便,告别了手动构建的时代。
0x02 环境介绍
#一共1台服务器
maven.010sec.com 10.10.10.20
#关闭防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
#下载第三方依赖环境包
yum -y install epel-release
#设置host
cat >>/etc/hosts <<EOF
10.10.10.20 maven.010sec.com
EOF
#关闭selinux,需要重启
sed -i 's:SELINUX=enforcing:SELINUX=disabled:g' /etc/selinux/config
#临时关闭seLinux
setenforce 0
#重启
reboot
0x03 服务器环境安装
## 安装基础软件,jdk安装
# 下载
wget http://download.oracle.com/otn-pub/java/jdk/8u121-b13/e9e7ea248e2c4826b92b3f075a80e441/jdk-8u121-linux-x64.tar.gz
# 解压
tar zxf jdk-8u121-linux-x64.tar.gz
mv jdk1.8.0_121/ /opt/xxx/java
# 设置环境变量
vim /etc/profile/jdk.sh
export JAVA_HOME=/opt/xxx/java
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=.:$JAVA_HOME/lib:$JRE_HOME/lib
export PATH=$JAVA_HOME/bin:$PATH
# 启动环境变量
source /etc/profile
# 测试java环境变量
java -version
# 默认不建议使用root权限安装nexus
# 创建账号
useradd 010sec
# 使用账号
su - 010sec
## maven下载与安装
下载地址:https://www.sonatype.com/download-oss-sonatype
当前使用的centos7,所以下载unix版本
wget https://sonatype-download.global.ssl.fastly.net/repository/repositoryManager/3/nexus-3.13.0-01-unix.tar.gz
# 创建一个目录
mkdir nexus
# 解压
tar zxf nexus-3.13.0-01-unix.tar.gz -C nexus
# 配置文件 (发现内容为端口信息和文件存储地址)
cat nexus/nexus-3.13.0-01/etc/nexus-default.properties
# 启动 (假设当前目录为/home/010sec)
nexus/nexus-3.13.0-01/bin/nexus start
# 停止为(假设当前目录为/home/010sec)
nexus/nexus-3.13.0-01/bin/nexus stop
# 查看网页(默认密码admin/admin123)
0x04 本地连接测试
## 本地自行安装java和maven
# 本地maven配置文件
cat settings.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<localRepository>/home/admin/.m2/repository</localRepository>
<pluginGroups>
<pluginGroup>org.grails</pluginGroup>
<pluginGroup>com.alibaba.org.apache.maven.plugins</pluginGroup>
</pluginGroups>
<proxies>
</proxies>
<servers>
<server>
<id>maven-snapshots</id>
<username>admin</username>
<password>admin123</password>
</server>
<server>
<id>maven-releases</id>
<username>admin</username>
<password>admin123</password>
</server>
<server>
<id>maven-central</id>
<username>admin</username>
<password>admin123</password>
</server>
</servers>
<mirrors>
<mirror>
<id>1</id>
<mirrorOf>maven-central</mirrorOf>
<name>meida mirror</name>
<url>http://maven.010sec.cn/repository/maven-public</url>
</mirror>
<mirror>
<id>2</id>
<mirrorOf>maven-snapshots</mirrorOf>
<name>meida mirror snapshots</name>
<url>http://maven.010sec.cn/repository/maven-snapshots</url>
</mirror>
<mirror>
<id>3</id>
<mirrorOf>maven-releases</mirrorOf>
<name>meida mirror releases</name>
<url>http://maven.010sec.cn/repository/maven-releases</url>
</mirror>
<mirror>
<id>alimaven</id>
<name>aliyun maven</name>
<url>http://maven.aliyun.com/nexus/content/groups/public/</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
<profiles>
<profile>
<id>public</id>
<repositories>
<repository>
<id>central</id>
<url>https://repo1.maven.org/maven2</url>
<releases>
<enabled>true</enabled>
</releases>
</repository>
<repository>
<id>central-maven</id>
<url>http://central.maven.org/maven2/</url>
<releases>
<enabled>true</enabled>
</releases>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>central</id>
<url>https://repo1.maven.org/maven2</url>
<releases>
<enabled>true</enabled>
</releases>
</pluginRepository>
</pluginRepositories>
</profile>
<profile>
<id>nexus</id>
<repositories>
<repository>
<id>maven-releases</id>
<url>http://maven.010sec.cn/repository/maven-releases</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<id>maven-snapshots</id>
<url>http://maven.010sec.cn/repository/maven-snapshots</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
<updatePolicy>always</updatePolicy>
<checksumPolicy>warn</checksumPolicy>
</snapshots>
</repository>
<repository>
<id>maven-central</id>
<url>http://maven.010sec.cn/repository/maven-central</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>maven-releases</id>
<url>http://maven.010sec.cn/repository/maven-releases</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</pluginRepository>
<pluginRepository>
<id>maven-snapshots</id>
<url>http://maven.010sec.cn/repository/maven-snapshots</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</pluginRepository>
<pluginRepository>
<id>maven-central</id>
<url>http://maven.010sec.cn/repository/maven-central</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>nexus</activeProfile>
</activeProfiles>
</settings>
# 寻找以maven项目,添加上传内容到pom文件,pom文件
<!-- 配置发布到私服 -->
<distributionManagement>
<repository>
<id>maven-releases</id>
<name>Nexus Release Repository</name>
<url>hhttp://maven.010sec.cn/repository/maven-releases/</url>
</repository>
<snapshotRepository>
<id>maven-snapshots</id>
<name>Nexus Snapshot Repository</name>
<url>http://maven.010sec.cn/repository/maven-snapshots/</url>
</snapshotRepository>
</distributionManagement>
编译上传本地文件
mvn clean deploy
0x05 线上操作
# 基于线上操作,由于线上不应该给admin权限,所以需要申请一个低权限账号,只需要给予read权限就足够了.
# 登录web界面
# 可以赋值为nx-users-read,也可以对逐个仓库分别赋值(主要以安全为主)
# 服务器端 maven配置文件,主要修改如下一段 settings.xml
<servers>
<server>
<id>maven-snapshots</id>
<username>devloper</username>
<password>123456</password>
</server>
<server>
<id>maven-releases</id>
<username>devloper</username>
<password>123456</password>
</server>
<server>
<id>maven-central</id>
<username>devloper</username>
<password>123456</password>
</server>
</servers>
# 服务器上,不会采取打包上传操作,只会进行下拉操作
mvn clean package -Dmaven.test.skip -U -e
0x06 细节研究
1.密码设置必须要保证安全性,admin密码必须修改
2.可以使用nginx进行转发,记录各种请求操作,防止误操作
0x07 资料来源
https://my.oschina.net/u/3038819/blog/853516 https://www.jianshu.com/p/7d62e70d6868
https://www.jianshu.com/p/4ebd5eda31fc
https://www.jianshu.com/p/8d7dd6f99861
https://www.sonatype.com/download-oss-sonatype
https://blog.csdn.net/ApatheCrazyFan/article/details/80713617 https://jkzhao.github.io/2017/11/19/nexus%E6%90%AD%E5%BB%BAmaven%E7%A7%81%E6%9C%8D/