Nexus Repository Backup and Restore

nexus_bkp_rst.md

Sonatype Nexus Backup and Restore Guide

This guide provides detailed instructions for backing up and restoring Sonatype Nexus data when running in a Docker container. It includes automated backup scripts and step-by-step restoration procedures.

Prerequisites

• Docker installed and running
• Sonatype Nexus running in a Docker container
• Root or sudo access to the host system
• Basic understanding of bash scripting and cron jobs

Current Setup Verification

First, verify your current Nexus container and volume setup:

# Check running containers
docker container ps
CONTAINER ID   IMAGE             COMMAND                  CREATED        STATUS        PORTS                    NAMES
2a408bbe6b30   sonatype/nexus3   "/opt/sonatype/nexus…"   47 hours ago   Up 47 hours   0.0.0.0:8081->8081/tcp   nexus

# Inspect volume mounts
docker inspect 2a408bbe6b30 --format '{{ .Mounts }}'
[{volume 92ca808eedc4274ad70da276585dbf94e1a0ef16602e9610efa05b1351b77d39 /var/lib/docker/volumes/92ca808eedc4274ad70da276585dbf94e1a0ef16602e9610efa05b1351b77d39/_data /nexus-data local  true }]

Setting Up Automated Backups

1. Create the Backup Script

Create a new file /opt/nexus/scripts/nexus-backup.sh:

#!/bin/bash

# Create backup directory
BACKUP_DIR="/opt/nexus/backups"
mkdir -p $BACKUP_DIR

# Create timestamp
BACKUP_DATE=$(date +%Y%m%d_%H%M%S)

# Create backup using the existing volume
docker run --rm \
  -v 92ca808eedc4274ad70da276585dbf94e1a0ef16602e9610efa05b1351b77d39:/source:ro \
  -v $BACKUP_DIR:/backup \
  ubuntu \
  tar czf /backup/nexus_backup_${BACKUP_DATE}.tar.gz -C /source .

# Verify backup
if docker run --rm \
   -v $BACKUP_DIR:/backup \
   ubuntu \
   tar tzf /backup/nexus_backup_${BACKUP_DATE}.tar.gz > /dev/null; then
    echo "Backup successful: nexus_backup_${BACKUP_DATE}.tar.gz"
else
    echo "Backup verification failed"
    exit 1
fi

# Cleanup old backups (keep last 30 days)
find $BACKUP_DIR -name "nexus_backup_*.tar.gz" -mtime +30 -delete

# Log backup completion
echo "Backup completed at $(date)" >> $BACKUP_DIR/backup.log

2. Set Up the Backup Schedule

# Make the script executable
sudo chmod +x /opt/nexus/scripts/nexus-backup.sh

# Edit crontab
sudo crontab -e

# Add this line to run backup daily at 2 AM
0 2 * * * /opt/nexus/scripts/nexus-backup.sh

3. Test the Backup

sudo /opt/nexus/scripts/nexus-backup.sh

Restoration Procedures

Emergency Restore (Production Instance)

Use this procedure when you need to restore your production Nexus instance:

# 1. Stop the Nexus container
docker stop 2a408bbe6b30

# 2. Create emergency backup of current state
docker run --rm \
  -v 92ca808eedc4274ad70da276585dbf94e1a0ef16602e9610efa05b1351b77d39:/source:ro \
  -v /opt/nexus/backups:/backup \
  ubuntu \
  tar czf /backup/emergency_backup_$(date +%Y%m%d_%H%M%S).tar.gz -C /source .

# 3. Clear existing volume
docker run --rm \
  -v 92ca808eedc4274ad70da276585dbf94e1a0ef16602e9610efa05b1351b77d39:/source \
  ubuntu \
  rm -rf /source/*

# 4. Restore from backup
docker run --rm \
  -v 92ca808eedc4274ad70da276585dbf94e1a0ef16602e9610efa05b1351b77d39:/target \
  -v /opt/nexus/backups:/backup \
  ubuntu \
  bash -c "cd /target && tar xzf /backup/nexus_backup_YYYYMMDD_HHMMSS.tar.gz"

# 5. Fix permissions
docker run --rm \
  -v 92ca808eedc4274ad70da276585dbf94e1a0ef16602e9610efa05b1351b77d39:/target \
  ubuntu \
  chown -R 200:200 /target

# 6. Start Nexus container
docker start 2a408bbe6b30

# 7. Monitor logs
docker logs -f 2a408bbe6b30

Test Restore (Safe Testing)

Use this procedure to test a backup without affecting your production instance:

# 1. Create test volume
docker volume create nexus-test-restore

# 2. Restore backup to test volume
docker run --rm \
  -v nexus-test-restore:/target \
  -v /opt/nexus/backups:/backup \
  ubuntu \
  bash -c "cd /target && tar xzf /backup/nexus_backup_YYYYMMDD_HHMMSS.tar.gz"

# 3. Fix permissions
docker run --rm \
  -v nexus-test-restore:/target \
  ubuntu \
  chown -R 200:200 /target

# 4. Start test container
docker run -d \
  --name nexus-test \
  -p 8082:8081 \
  -v nexus-test-restore:/nexus-data \
  sonatype/nexus3

# 5. Verify test instance at http://localhost:8082

# 6. Clean up test environment
docker stop nexus-test
docker rm nexus-test
docker volume rm nexus-test-restore

Important Notes

1. Backup Retention

   • Backups are kept for 30 days by default
   • Older backups are automatically deleted
   • Adjust the retention period by modifying the -mtime +30 value in the backup script

2. Storage Considerations

   • Ensure sufficient disk space for backups
   • Monitor the backup directory size regularly
   • Consider implementing backup rotation if storage is limited

3. Security

   • Backup files contain sensitive data
   • Secure the backup directory with appropriate permissions
   • Consider encrypting backups if storing offsite

4. Best Practices

   • Test the restore process periodically
   • Keep multiple backup copies
   • Document any custom configurations
   • Monitor backup logs for errors

Troubleshooting

1. If Nexus fails to start after restore:

   • Check container logs: docker logs nexus
   • Verify file permissions (should be 200:200)
   • Ensure all files were extracted correctly

2. If backup verification fails:

   • Check available disk space
   • Verify backup directory permissions
   • Check the backup log for error messages

3. If cron job isn't running:

   • Verify script permissions
   • Check system logs: sudo tail -f /var/log/syslog
   • Ensure cron service is running: sudo systemctl status cron

Support

For additional support:

• Sonatype Nexus Documentation: https://help.sonatype.com/repomanager3
• Docker Documentation: https://docs.docker.com/
• Create an issue in your organization's support system

Remember to always test the restore process in a safe environment before attempting it on a production system.