Nexus Repository 3 uses the Eclipse Jetty container. Jetty provides a InetAccessHandler that can be configured to restrict access by IP addresses and subnets.
Attached is a sample jetty config file that allows you to configure the InetAccessHandler using Nexus Repository 3 configuration.
To configure it:
- Download and store the file at
NEXUS_HOME/etc/jetty/jetty-ipfilter.xml
, with the same permissions as the other jetty files - Edit
NEXUS_HOME/etc/jetty/jetty-ipfilter.xml
, add exclude or include addresses. The patterns allowed are described in the jetty InetAddressSet documentation. - Edit
$WORKDIR/etc/nexus.properties
, and add the new jetty file into the nexus.args:nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml,${jetty.etc}/jetty-ipfilter.xml
- restart Nexus