From 98acd68f060562f41a829e0e659a25029823069c Mon Sep 17 00:00:00 2001 From: carolosf Date: Thu, 23 Feb 2023 08:33:35 +0000 Subject: [PATCH] example_configs: Add example for Sonatype Nexus Repository Manager 3 --- README.md | 1 + example_configs/nexus.md | 56 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 example_configs/nexus.md diff --git a/README.md b/README.md index f63f5b3..55ad2ad 100644 --- a/README.md +++ b/README.md @@ -252,6 +252,7 @@ folder for help with: - [KeyCloak](example_configs/keycloak.md) - [Matrix](example_configs/matrix_synapse.yml) - [Nextcloud](example_configs/nextcloud.md) +- [Nexus](example_configs/nexus.md) - [Organizr](example_configs/Organizr.md) - [Portainer](example_configs/portainer.md) - [Rancher](example_configs/rancher.md) diff --git a/example_configs/nexus.md b/example_configs/nexus.md new file mode 100644 index 0000000..e599a25 --- /dev/null +++ b/example_configs/nexus.md 
@@ -0,0 +1,56 @@ +# Configuration for Sonatype Nexus Repository Manager 3 +In Nexus log in as an administrator, go to `Server Administration and configuration (gear icon)` + +Select `LDAP` under the `Security` section + +Click `Create connection` + +* Host: A name for the connection e.g. lldap +* Type: ldap +* Host: Your lldap server's ip/hostname +* Port: Your lldap server's port (3890 by default) +* Base DN: `dc=example,dc=com` +* Authentication Method: Simple Authentication +* Username or DN: `uid=admin,ou=people,dc=example,dc=com` or preferably create a read only user in lldap with the lldap_strict_readonly group. +* Password: The password for the user specified above + +Click `Verify connection` if successful click `Next` + +* Select a template: Generic ldap server +* User Relative DN: `ou=people` +* User subtree: Leave unchecked +* Object class: person +* User Filter: Leave empty to allow all users to log in or `(memberOf=uid=nexus_users,ou=groups,dc=example,dc=com)` for a specific group +* Username Attribute: `uid` +* Real Name Attribute: `cn` +* Email Attribute: `mail` +* Password Attribute: Leave blank +* Check `Enable User Synchronization` + +Test user login credentials with `Verify login` + +## Set up group mapping as roles + +Check `Map LDAP groups as roles` + +* Group Type: `Static Groups` +* Group relative DN: `ou=groups` +* Group subtree: Leave unchecked +* Group object class: `groupOfUniqueNames` +* Group ID attribute: `cn` +* Group member attribute: `member` +* Group member format: `uid=${username},ou=people,dc=example,dc=com` + +Check user mapping with `Verify user mapping` + +## Map specific roles to groups +In Nexus log in as an administrator, go to `Server Administration and configuration (gear icon)` +Select `Roles` under the `Security` section + +Click `Create Role` + +* Role ID: e.g. nexus_admin (name in nexus) +* Role Name: e.g. nexus_admin (group in lldap) +* Add privileges/roles as needed e.g. 
under Roles add nx-admin to the "contained" list + +Click `Save` \ No newline at end of file
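Review bot: In the `Create connection` list of example_configs/nexus.md the first bullet is labelled `Host:` but describes a name for the connection, and the real host field follows as a second `Host:`; the first label should be `Name:` so readers do not enter the connection name as the hostname. In the same list, `Username or DN` leads with `uid=admin,ou=people,dc=example,dc=com` and mentions the read-only account only as a preference; since this password is saved in the Nexus connection settings, I would make the `lldap_strict_readonly` user the documented default and mention the admin DN only as a fallback. `Type: ldap` combined with `Simple Authentication` means the bind password and each user's login password cross the connection between Nexus and lldap unencrypted, so a sentence on choosing ldaps when the two are not on the same trusted host or network would help. The `User Filter` example names the group as `uid=nexus_users,ou=groups,dc=example,dc=com` while the group mapping section sets `Group ID attribute: cn`; please confirm which RDN is intended and make the two consistent. The same bullet offers an empty filter first, which lets every lldap user log in to Nexus, so I would put the group-restricted filter first. The new file also ends without a trailing newline.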