Sonatype Nexus Repository
Route your registry traffic through Aikido's registry proxy by configuring Nexus Repository as an intermediary. Nexus pulls packages from Aikido instead of the public registries, so every package your team installs is checked for malware, age restrictions, and known vulnerabilities.
Get your Aikido proxy URL
Go to Settings > Registry Proxy, select NPM or PyPI, and copy the upstream proxy URL.

Create a Proxy Repository in Nexus
In Nexus, go to Settings > Repository > Repositories.
Click Create Repository and select npm (proxy) or pypi (proxy).
Give the repository a name, for example aikido-npm or aikido-pypi.
Under Remote Storage, paste your Aikido proxy URL from step 1.
Save the repository.
Do not change the Remote Storage URL after the repository is created. Doing so can cause 404 errors as Nexus tries to reconcile cached metadata. If you need a different upstream URL, create a new proxy repository instead.
(Optional) Create a Group Repository
If you also have internal packages in a hosted Nexus repository, create a Group Repository to expose both under a single URL:
Go to Settings > Repository > Repositories > Create Repository and select npm (group) or pypi (group).
Add your hosted repository and the proxy repository as members.
Point your package manager at the group repository URL instead.
Group repositories are read-only in Nexus Community Edition. To publish packages, always push directly to the hosted repository.
Configure Developer Machines to use Nexus
Point each developer's package manager at the Nexus repository. See Sonatype's documentation for the exact steps, including authentication setup:
(Optional) Block the public registry with Device Protection
Once Nexus is in place, developers can still bypass it by pointing their package manager directly at the public registry. Deploy Aikido Device Protection to enforce that all traffic goes through your private registry.
Block Public Package Registries
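One way to check that a developer machine's `.npmrc` and `pip.conf` actually point at Nexus rather than a public registry, added here as an example and not taken from Aikido's or Sonatype's documentation. The hostname `nexus.example.internal`, the repository paths and the sample file contents are assumptions constructed for illustration.

```python
import configparser
from urllib.parse import urlparse
NEXUS_HOST = "nexus.example.internal"  # assumed hostname, replace with yours

# Constructed sample configs (not from a real machine).
SAMPLE_NPMRC = """\
; default goes through Nexus, but one scope still points at the public registry
registry=https://nexus.example.internal/repository/aikido-npm/
@acme:registry=https://registry.npmjs.org/
"""
SAMPLE_PIP_CONF = """\
[global]
index-url = https://nexus.example.internal/repository/aikido-pypi/simple
extra-index-url = https://pypi.org/simple
"""

def off_nexus(url, allowed_host=NEXUS_HOST):
    return (urlparse(url.strip()).hostname or "").lower() != allowed_host.lower()

def audit_npmrc(text, allowed_host=NEXUS_HOST):
    """Findings for an .npmrc body: default and per-scope registries."""
    findings, default_seen = [], False
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "registry" or key.endswith(":registry"):
            default_seen = default_seen or key == "registry"
            if off_nexus(value, allowed_host):
                findings.append(f"npm {key} -> {value}")
    if not default_seen:  # no registry key: npm uses its public default
        findings.append("npm registry not set")
    return findings

def audit_pip_conf(text, allowed_host=NEXUS_HOST):
    """Findings for a pip.conf body: index-url and extra-index-url."""
    parser = configparser.RawConfigParser()
    parser.read_string(text)
    findings, index_seen = [], False
    for section in parser.sections():
        for key in ("index-url", "extra-index-url"):
            if parser.has_option(section, key):
                index_seen = index_seen or key == "index-url"
                for url in parser.get(section, key).split():
                    if off_nexus(url, allowed_host):
                        findings.append(f"pip [{section}] {key} -> {url}")
    if not index_seen:  # no index-url: pip uses its public default
        findings.append("pip index-url not set")
    return findings
```

npm and pip also accept registry settings from environment variables and command-line flags, which this file check does not cover.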