Nexus Repository Manager 3 unattended configuration with API and PowerShell

Nexus Repository Manager 3 is a tool to create private repositories for Maven, NuGet, Python, Docker and several other package systems. I was requested to automate the installation. The first of the requirements was that it would run on a Windows Server OS. The second one was that two repositories had to be created. One for Chocolatey (NuGet) and one for Python (Pypi).

A Netscaler would be used for SSL offloading, so I used Chocolatey to install Nexus running on port 80, with the following commands:

choco install nexus-repository --params '"/Port:80"'

After the installation, a password file is created in ‘C:\ProgramData\sonatype-work\nexus3’ which can be used for the initial setup.

I like my systems clean, so the first thing I wanted to do is clean up the default Maven and NuGet repositories and proxies that come with the installation. I used PowerShell and the Nexus API to accomplish this.

    Save as: remove.ps1
    Usage: ./remove.ps1 -URL http://<yourhost> -user <username> -Password <password>
    [string]$user = 'admin',
    [string]$password = (Get-Content -path 'C:\ProgramData\sonatype-work\nexus3\admin.password'),

#Do not edit
[string]$baseURL = "$URL/service/rest"
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $User, $Password)))
[array]$Defaultrepos = 'maven','nuget'

#Remove default repos
$repos = invoke-restmethod -Method GET -uri "$baseURL/v1/repositories" -ContentType "application/json" -Headers @{Authorization = "Basic $base64AuthInfo" } 

#Find removals
foreach($r in $Defaultrepos) { $removals += $ | Where-Object { $_ -like "$r*" }}

#Remove repos
Foreach ($repo in $removals) {
    Write-host "Removing $repo repository"
    invoke-restmethod -method DELETE -Uri "$baseURL/v1/repositories/$repo" -ContentType "application/json" -Headers @{Authorization = "Basic $base64AuthInfo" } 

After the cleanup, the new repositories need to be created. For Chocolatey we need blob storage, a hosted NuGet repository and a group. Python requires its own blob storage, the hosted Pypi repository, a proxy for an direct package feed from and a group.

After the creation of the repositories, NuGet had a hard time accepting my Chocolatey packages. To fix this, the NuGet-API realm had to be added to realm security.
The last step was to enable anonymous authentication, for easy access to the packages.

I wanted to add the setup script to this page, but it is quite bulky, so I would like to invite you to my GitHub page so you can see and download it from there: GitHub – petertheautomator/NexusAutomation: Automation scripts for Nexus 3 OSS.

Setup.ps1 does all of the steps described above, but here is a small summary:
1. Create a blob storage
2. Create a hosted repository
3. Create a proxy if an proxy URL is supplied
4. Create a group to combine the hosted repository and the proxy.
5. add NuGet-API to the security realm
6. Enable anonoymous authenticaton (Read-Only)

If you run this script after you already did the initial setup wizard from Nexus, you will need to supply the admin password, otherwise the password file will be used for authentication.