nixos-config/stubbfelnix
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
master
stubbfelnix/services/nexus.nix
stubbfel f08ff9e904 fix neues update
2025-06-09 15:43:27 +02:00

98 lines
2.7 KiB
Nix
Raw Permalink Blame History

{ config, pkgs, lib, ...}:
let
lAddress = "127.0.0.1";
lPort = 9081;
nexusPkgs = pkgs.nexus.overrideAttrs (oldAttrs: rec {
pname = "nexus";
version = "3.80.0-06";
sourceRoot = "${pname}-${version}";
src = pkgs.fetchurl {
url = "https://download.sonatype.com/nexus/3/nexus-${version}-linux-x86_64.tar.gz";
sha256 = "sha256-+Xr6qmmG1tH2wWv+jyZzkZJMB1hngO51IXLyfwKUfS0=";
};
patches = [
# ./nexus-bin.patch
./nexus-vm-opts.patch
];
postPatch = ''
substituteInPlace bin/nexus.vmoptions \
--replace-fail ../sonatype-work /var/lib/sonatype-work \
--replace-fail =. =$out
'';
installPhase = ''
runHook preInstall
mkdir -p $out
cp -rfv * $out
rm -fv $out/bin/nexus.bat
wrapProgram $out/bin/nexus \
--set JAVA_HOME ${pkgs.jdk17_headless} \
--set ALTERNATIVE_NAME "nexus" \
--prefix PATH "${lib.makeBinPath [ pkgs.gawk ]}"
runHook postInstall
'';
});
home ="/var/lib/sonatype-work";
package = nexusPkgs;
in
{
services.nginx.virtualHosts."nexus.stubbe.rocks" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://${lAddress}:${toString lPort}";
};
services.nexus= {
enable = true;
listenAddress = lAddress;
listenPort = lPort;
package = nexusPkgs;
jvmOpts = ''
-Xms2703m
-Xmx2703m
-XX:+UnlockDiagnosticVMOptions
-XX:+LogVMOutput
-XX:LogFile=${home}/nexus3/log/jvm.log
-XX:-OmitStackTraceInFastThrow
-Djava.net.preferIPv4Stack=true
-Dkaraf.home=${package}
-Dkaraf.base=${package}
-Dkaraf.etc=${package}/etc/karaf
-Djava.util.logging.config.file=${package}/etc/karaf/java.util.logging.properties
-Dkaraf.data=${home}/nexus3
-Djava.io.tmpdir=${home}/nexus3/tmp
-Djdk.tls.ephemeralDHKeySize=2048
--add-reads=java.xml=java.logging
--add-opens
java.base/java.security=ALL-UNNAMED
--add-opens
java.base/java.net=ALL-UNNAMED
--add-opens
java.base/java.lang=ALL-UNNAMED
--add-opens
java.base/java.util=ALL-UNNAMED
--add-opens
java.naming/javax.naming.spi=ALL-UNNAMED
--add-opens
java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED
--add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED
--add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED
--add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED
--add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED
--add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED
--add-exports=java.security.sasl/com.sun.security.sasl=ALL-UNNAMED
--add-exports=java.base/sun.security.x509=ALL-UNNAMED
--add-exports=java.base/sun.security.rsa=ALL-UNNAMED
--add-exports=java.base/sun.security.pkcs=ALL-UNNAMED
'';
};
programs.nix-ld.enable = true;
}
Reference in New Issue View Git Blame Copy Permalink