Sonatype Nexus Repository Manager is a universal binary repository that centralizes storage and distribution of build artifacts across your organization. It supports Maven JARs, npm packages, Docker images, Python packages, RubyGems, and more — acting as both a proxy for upstream registries and a private hosted repository. In large teams and CI/CD pipelines, Nexus reduces external network dependency, enforces licensing policies, and improves build repeatability. This guide walks through installing Nexus Repository Manager OSS on RHEL 9 and configuring it as a systemd service.
Prerequisites
- RHEL 9 server with at least 4 GB RAM and 20 GB free disk space
- A user account with
sudoprivileges - Java 17 (OpenJDK) installed on the system
- Port 8081 accessible through the firewall
Step 1 — Install Java 17
sudo dnf install -y java-17-openjdk java-17-openjdk-devel
# Verify the installation
java -version
# Set JAVA_HOME if needed
echo 'export JAVA_HOME=/usr/lib/jvm/java-17-openjdk' | sudo tee /etc/profile.d/java.sh
source /etc/profile.d/java.shStep 2 — Download and Extract Nexus
cd /opt
# Download the latest Nexus OSS release (check https://www.sonatype.com/download-oss-sonatype for the current version)
sudo wget https://download.sonatype.com/nexus/3/nexus-3.70.1-02-unix.tar.gz
# Extract the archive
sudo tar -xzf nexus-3.70.1-02-unix.tar.gz
# Rename for easier management
sudo mv nexus-3.70.1-02 nexus
# Clean up the tarball
sudo rm nexus-3.70.1-02-unix.tar.gz
# List the contents
ls /opt/nexus /opt/sonatype-workStep 3 — Create a Dedicated Nexus System User
# Create a system user with no login shell
sudo useradd -r -d /opt/nexus -s /bin/false nexus
# Set ownership on both the nexus app and data directories
sudo chown -R nexus:nexus /opt/nexus
sudo chown -R nexus:nexus /opt/sonatype-work
# Tell Nexus which user to run as
echo 'run_as_user="nexus"' | sudo tee /opt/nexus/bin/nexus.rcStep 4 — Create a systemd Service
sudo tee /etc/systemd/system/nexus.service > /dev/null <<EOF
[Unit]
Description=Sonatype Nexus Repository Manager
After=network.target
[Service]
Type=forking
LimitNOFILE=65536
ExecStart=/opt/nexus/bin/nexus start
ExecStop=/opt/nexus/bin/nexus stop
ExecReload=/opt/nexus/bin/nexus restart
User=nexus
Restart=on-failure
TimeoutStartSec=180
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl enable nexus
sudo systemctl start nexus
# Monitor the startup log (Nexus takes 1-2 minutes to fully initialize)
sudo tail -f /opt/sonatype-work/nexus3/log/nexus.logStep 5 — Open the Firewall Port
# Allow port 8081 through firewalld
sudo firewall-cmd --permanent --add-port=8081/tcp
sudo firewall-cmd --reload
# Verify the rule was applied
sudo firewall-cmd --list-ports
# Check service status
sudo systemctl status nexusStep 6 — Retrieve the Initial Admin Password and Configure Repositories
# Retrieve the one-time admin password
sudo cat /opt/sonatype-work/nexus3/admin.password
echo
# Access the web UI at: http://YOUR_SERVER_IP:8081
# Log in with username: admin and the password above
# The setup wizard will prompt you to change the password
# After login, navigate to:
# Administration > Repositories > Create repository
#
# Useful repository types to create:
# - maven2 (proxy) -> https://repo1.maven.org/maven2/
# - npm (proxy) -> https://registry.npmjs.org
# - docker (hosted) -> for your private Docker images
# - pypi (proxy) -> https://pypi.org
#
# For Maven projects, add to settings.xml:
#
# nexus
# *
# http://YOUR_SERVER_IP:8081/repository/maven-public/
# Conclusion
You now have a fully operational Sonatype Nexus Repository Manager running on RHEL 9 as a managed systemd service. By proxying upstream registries through Nexus, your builds become faster and more resilient to external outages. Hosted repositories allow teams to share internal artifacts securely without relying on a public registry. Always monitor the /opt/sonatype-work/nexus3/log/ directory for errors and schedule regular backups of the sonatype-work directory to protect your artifact store.
Next steps: How to Set Up a Private Docker Registry on RHEL 9, How to Configure Jenkins Pipeline with Nexus Artifact Publishing, and How to Install and Configure Apache Maven on RHEL 9.
