I have sonatype nexus (configured as npm group of hosted repo and proxy repo) installed behind reverse proxy.
After last update to OSS 3.41.1-01 we have problems installing via npm install. For some reason url of the actual files (.tgz) are served with wrong url (its using internal ip and not selected domain). In actual json returned from repo tarball options has internal url instead of domain (Image of json from the repo).
As of now i can't found any reference to this kind of problem.
I know of only one hack solution with using rewriting url from upstream which I don't want be doing.
The tarball location is set by the incoming host headers. It it not clear how your reverse proxy is being used but you should be able to confirm that the Host header value is being set in the proxy configuration.
Sonatype provide apache and nginx examples for a few different use cases here. https://help.sonatype.com/repomanager3/planning-your-implementation/run-behind-a-reverse-proxy
Related
I have an OpenShift environment built with an Apache AAA Pod (service and route) that allows external (to OpenShift) https requests via an intranet browser (yes, I mean intranet and not internet). Apache is setup as a proxy server for multiple pods/services inside of OpenShift. I also have a new pod that was recently created that runs Jenkins. Jenkins has a web interface built in. I am able to get to the Jenkins web GUI by setting up a ProxyPass and ProxyPassReverse for the default Jenkins web address.
Now here comes the problem...
When I go to example.com/jenkins, Apache sees the request and passes it to the Jenkins Pod but the Pod returns another address example.com/login. For this I have to enter another ProxyPass and Reverse into Apache. I then get that in and find that every link on the presented Jenkins Web GUI has another link that seems to present https://example.com/*. This is a problem because there are dozens of sub links and sub pages that each seem to require a separate ProxyPass and Reverse entry.
To add to this, I cannot simply pass "/" to the Jenkins pod because there are other pods and services that are being passed through the Apache server. My department does not have access to create new URLs on a whim so I have to stick with example.com/ as my only path into my OpenShift setup.
How can I do one of the following:
Change Jenkins to force the presented URL to include a header for every link. Like putting .../jenkins/* in front of every link so that I can use .../jenkins/ as my ProxyPass & Reverse to cover all jenkins web GUI URLs.
Configure Apache to convert the URLs coming from the Jenkins Pod into a URL that is presented to the web browser in such a way that .../jenkins/ is added between & /login or any other jenkins web links.
Some other option that I have not thought of yet that may have worked for others with similar setups.
(Sorry for the long question but there are a lot of details that needed to be included as this is a complex issue.)
You could startup jenkins at a different context path: java -jar jenkins.war --prefix=/jenkins, or start it up behind tomcat with a different context path.
Have you set the Jenkins URL in the Jenkins->Manage Jenkins->Configure System?
you can achieve this in two steps
implement the route changes at proxy level
implement the route changes at app level
I have implemented the same with Openshift environment.
Thanks.
Got Nexus Repository Manager OSS, where I set up a proxy repository to another Nexus (Professional edition). Routing information is Ok, appears as published and Discovery is successfull. I can browser remote repository, but nothing appears under Browser Index tab.
When I try accessing the repository via http (e.g. http://myserver.net/nexus/content/repositories/MyRepository/org/) - I receive this error:
404 - Request is marked as local-only, remote access not allowed from M2Repository
Did I miss something?
You can't retrieve a directory through a proxy repository, you need to send a request for an actual artifact file that exists on the remote, e.g. "http://myserver.net/nexus/content/repositories/MyRepository/org/foo/someproject/1.0/someproject-1.0.jar".
After researching a while, found that artifacts are indexed only after downloading them via Nexus server found in the middle, between me and remote Nexus.
As of error, causing it was a bad URL, unfortunately I miss-typed an artifact name in the URL address.
I'm using Composer with Toran Proxy hosted on a personal server to manage my package dependencies for Symfony2, today I encountered a problem, one of the URLs that Composer needs to download ends with dependecy-injection.json, every other URL downloads OK, but having those words it's something the proxy doesn't like, so it blocks it.
I have full access to the server, is there a way to mask o change that certain URL to make it look like another one and so "bypassing" the proxy?
This is the URL:
http://domainexample/toran/web/app.php/repo/packagist/p/symfony/dependency-injection.json
I'm using Apache2 as web server.
So I have managed it. I can clone mercurial-repositories remotely using HTTP to my Windows Server 2003 machine and the ipaddress from that machine. Although I did deactivate IIS6 and am using Apache 2.2.x now. But not all works right now...darn! Here's the thing:
Cloning goes smooth! But when I want to push my changes to the original repository I get the message "cannot lock static http-repository". On the internet I get to read several explanations that Mercurial wasn't designed to push over HTTP connections. Still, on the Mercurial website there's something about configuring an hgrc file.
There's also the possibilty to configure Apache to host via HTTPS (or SSL). For this you have to load the module enabling OpenSSL and generating keys.
Configuring the hgrc file
Just add "push_ssl = false" under the [web] line. But where to put this file when pushing your changes back?! Because I placed it in the root of the server, in the ".hg" directory, nothing works.
Using SSL/HTTPS with Apache
When I try to access 'https://myipaddress' it fails, displaying a dutch message which would mean something like "server taking too long to respond". Trying to push also gives me a dutch error message which means about the same. It can not connect to my server via https although I followed the steps exactly at this blog.
I don't care which of the above solutions will work for me. Turns out none of them work so far. So please, can anyone help me with one of the solutions above? Pick the easiest! Help will be greatly appreciated, not only from me.
Summary
-Windows Server 2003
-Apache 2.2 with OpenSSL
-Mercurial 1.8.2
-I can clone, but not push!
Thank you!
Maarten Baar(s)
It seems like you might have apache configured incorrectly for getting it to do what you want. Based on your question it sounds like you have a path (maybe the root of the server) pointing to the repository you want to serve.
Mercurial comes with a script for this exact purpose, in the latest version it is hgweb.cgi. There are reasonably good instructions for setting it up on the mercurial site. It should allow both cloning and pushing. You will need the push_ssl=false if you will not be configuring https and also an allow_push line which will let certain users, or all (*) push to the repository. But all that should be part of the setup docs.
I'm running the maven repository manager Nexus on Tomcat. When I setup my pom file, my repository URLs all look something like http://myhost/nexus/repo-name. I'd like to get the word "nexus" out of the URL. We're currently transitioning from an older repository manager and now we need to update all of the URLs. However, if we had a generic repository URL like http://myhost/maven-repo/repo-name, then the URL would be independent of the repository manager.
How can I set something like this up on Tomcat? Would I need to setup host name aliases? Or is there an easier way to do this?
Thanks,
Jeff
I would use a frontal Apache server (only httpd, not Tomcat) to do that, configured as a reverse proxy.
Apache url rewriting and reverse proxy are easy to configure. With this Apache frontal proxy, you are independant from Nexus, but also from the Tomcat server.
With the same Apache URL, you can move to Archiva on a Glassfish server (for example) transparently for the projects.
Deploy your application in the root folder of Tomcat.
I hope you don't put repository locations into your pom's? You should use settings.xml file instead.